New zero-day vulnerabilities have been discovered in Windows 10. As a result, Microsoft has released critical security updates for users to install. But you'll want to do it right away, because hackers are already exploiting these flaws.
Microsoft has once again urged Windows users to upgrade their PCs with the most recent security patches after finding serious flaws, some of which are currently being used in the wild or may be used to spread a worm quickly.
Microsoft corrected more than 60 security flaws in its products in its most recent "Patch Tuesday" update, including five "critical" vulnerabilities.
A privilege escalation bug in the Windows Common Log File System (CLFS) that includes publicly available attack code is perhaps the most important vulnerability to address.
Researchers from four different security vendors reported the zero-day flaw to Microsoft, suggesting that its use has not been limited to one organization, but could be exploited by many. Microsoft warns that CVE-2022-37969, was reported to Microsoft by four different security vendors, suggesting that it may be exploited more widely than just one target organization.
It is obvious that things would get worse if hackers were able to execute remote code on a targeted system if the vulnerability allowed them to do so, but since exploit code has already been available and reports of exploitation have been made, it is still a serious vulnerability that needs to be addressed.
The Windows TCP/IP service has a remote code execution flaw, CVE-2022-34718, which could be exploited by a worm without user interaction.
CVE-2022-34718 is also a serious vulnerability in the Windows TCP/IP service, allowing a worm to spread without user interaction.
It is possible for an attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, making the vulnerability more likely to be exploited."
This, and other flaws it has patched in its latest security update, have been labelled as "exploitation more likely" by Microsoft without providing much information to the public about why they were labelled this way. Due to the lack of transparency, it is more difficult for companies to determine which vulnerabilities need to be patched first, or which mitigations need to be implemented, especially when the company is concerned about disrupting its other business activities.
0 comments :
Post a Comment