6 matches found
First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability
Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated...
Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days
Microsoft has addressed a total of 97 security vulnerabilities in its January 2022 Patch Tuesday update – nine of them rated critical – including six that are listed as publicly known zero-days. The fixes cover a swath of the computing giant’s portfolio, including: Microsoft Windows and Windows...
CVE-2022-21874
Windows Security Center API Remote Code Execution Vulnerability...
CVE-2022-21874
CVE-2022-21874 is a Windows Security Center API RCE vulnerability. Public details in the connected documents describe it as an RCE in the Windows Security Center API with a CVSS v3.1 base score of 7.8 (High) and a Local attack vector requiring user interaction for exploitation. Exploitation conte...
KB5009543: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (January 2022)
The remote Windows host is missing security update 5009543. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-21849, CVE-2022-21850,...
KB5009557: Windows 10 Version 1809 and Windows Server 2019 Security Update (January 2022)
The remote Windows host is missing security update 5009557. It is, therefore, affected by multiple vulnerabilities: - A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2022-21836 - A denial of service DoS vulnerabilit...