Security
Headlines
HeadlinesLatestCVEs

Tag

#Security Vulnerability

CVE-2022-26828: Windows Bluetooth Driver Elevation of Privilege Vulnerability

**Why is Attack Complexity marked as High for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

Microsoft Security Response Center
#vulnerability#windows#Microsoft Bluetooth Driver#Security Vulnerability
CVE-2022-26920: Windows Graphics Component Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

CVE-2022-24539: Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

CVE-2022-24527: Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability

**What is Windows Endpoint Configuration Manager?** Microsoft Endpoint Configuration Manager is an on-premises management solution to manage desktops, servers, and laptops that are on your network or are internet-based. You can cloud-enable it to integrate with Intune, Azure Active Directory (AD), Microsoft Defender for Endpoint, and other cloud services. Use Configuration Manager to deploy apps, software updates, and operating systems. You can also monitor compliance, query and act on clients in real time, and much more. For more information see - What is Configuration Manager?. **How do I get the latest patch?** The hot patch is available from Microsoft online at https://aka.ms/KB12819689. Instructions for applying the hot patch are included.

CVE-2022-24490: Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

CVE-2022-26896: Azure Site Recovery Information Disclosure Vulnerability

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

CVE-2022-26897: Azure Site Recovery Information Disclosure Vulnerability

**What privileges does an attacker require to exploit this vulnerability?** Exploiting this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

CVE-2022-23292: Microsoft Power BI Spoofing Vulnerability

**According to the CVSS, the Attack Complexity is High. What does that mean for this particular vulnerability?** The attack requires that multiple users try to use the gateway at the same time.

CVE-2022-24472: Microsoft SharePoint Server Spoofing Vulnerability

**According to the CVSS, User Interaction is Required. What interaction would the user have to do?** This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.

CVE-2022-24548: Microsoft Defender Denial of Service Vulnerability

References Identification First version of the Microsoft Malware Protection Engine with this vulnerability addressed Version 1.1.19100.5 See Manage Updates Baselines Microsoft Defender Antivirus for more information. **Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue?** Vulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state. **Why is no action required to install this update?** In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Microsoft Malware Protection Engine. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner. For enterprise deployments as well as end users,...