9 matches found
CVE-2022-29972
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver 1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52 may allow a local user to execute arbitrary code...
Technical Details Released for 'SynLapse' RCE Vulnerability Reported in Microsoft Azure
Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The latest safeguards include moving the shared integration runtimes...
Update now! Microsoft releases patches, including one for actively exploited zero-day
Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that affects all supported versions of Windows. First, well look at the actively exploited zero-day. Then well discuss two zero-days that...
Actively Exploited Zero-Day Bug Patched by Microsoft
Microsoft has revealed 73 new patches for May’s monthly update of security fixes, including a patch for one flaw–a zero-day Windows LSA Spoofing Vulnerability rated as “important”—that is currently being exploited with man-in-the-middle attacks. The software giant’s monthly update of patches that...
Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as...
Patch Tuesday - May 2022
This month is par for the course in terms of both number and severity of vulnerabilities being patched by Microsoft. That means there’s plenty of work to be done by system and network administrators, as usual. There is one 0-day this month: CVE-2022-26925, a Spoofing vulnerability in the Windows...
May 2022 Patch Tuesday | Microsoft Releases 75 Vulnerabilities with 8 Critical; Adobe Releases 5 Advisories, 18 Vulnerabilities with 16 Critical.
Microsoft Patch Tuesday Summary Microsoft has fixed 75 vulnerabilities in the May 2022 update, including one advisory ADV2200011 for Azure in response to CVE-2022-29972, a publicly exposed Zero-Day Remote Code Execution RCE Vulnerability, and eight 8 vulnerabilities classified as Critical as they...
Vulnerability fixed in Microsoft Azure
A vulnerability has been fixed in Microsoft Azure. The vulnerability allows an authenticated malicious person to execute arbitrary code. The vulnerability is in a driver used to run in Azure Synapse pipelines and Azure Data Factory Integration Runtime IR to connect to Amazon Redshift. The malicio...
CVE-2022-29972
creationtimestamp| type| source ---|---|--- 2022-05-09 05:00:00+00:00| seen| https://msrc.microsoft.com/blog/2022/05/vulnerability-mitigated-in-the-third-party-data-connector-used-in-azure-synapse-pipelines-and-azure-data-factory-cve-2022-29972/ 2022-05-09 22:33:07+00:00| seen|...