CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible....
Microsoft’s December 2022 Patch Tuesday Addresses 48 CVEs (CVE-2022-44698)
Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710)....
Microsoft’s November 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-41073)
Microsoft addresses 62 CVEs including four zero-day vulnerabilities that were exploited in the wild....
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)
Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws....
CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access....
CVE-2022-41040 and CVE-2022-41082: ProxyShell Variant Exploited in the Wild
Microsoft has confirmed reports of two zero-day vulnerabilities in Microsoft Exchange Server that have been exploited in the wild. Patches are not yet available....
Microsoft’s September 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-37969)
Microsoft addresses 62 CVEs in its September 2022 Patch Tuesday release, including five critical flaws....
Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)
Microsoft addresses 118 CVEs in its August 2022 Patch Tuesday release, including 17 critical flaws....
Microsoft’s July 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-22047)
Microsoft addresses 84 CVEs in its July 2022 Patch Tuesday release, including four critical flaws and one zero day that has been exploited in the wild....
Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)
Microsoft addresses 55 CVEs in its June 2022 Patch Tuesday release, including three critical flaws....
CVE-2022-30190: Zero Click Zero Day in Microsoft Support Diagnostic Tool Exploited in the Wild
Microsoft confirms remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool that has been exploited in the wild since at least April....
Microsoft’s May 2022 Patch Tuesday Addresses 73 CVEs (CVE-2022-26925)
Microsoft addresses 73 CVEs in its May 2022 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild....