#microsoft

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** An authenticated victim who is connected to the network must be tricked or persuaded to connect to a malicious SQL database using their SQL client application. After the connection is made, the server can send specially crafted replies to the client that exploit the vulnerability and permit execution of arbitrary code within the context of the user's SQL client application.

**Why is the MITRE Corporation the assigning CNA (CVE Numbering Authority)?** CVE-2022-35737 is regarding a vulnerability in SQLite. MITRE assigned this CVE number on behalf of the SQLite organization. Microsoft has included the updated library in Windows that addresses this vulnerability.

**What privileges an attacker could gain with a successful exploitation?** An attacker who successfully exploited this vulnerability could gain privilege escalation in the processing of .vhdx files in the Windows Kernel.

Traditional vulnerability management uses a singular “patch all things” approach that is ineffective and costly. It’s time we shifted to adopting appropriate risk-based approaches that consider more than an exclusive focus on patching security issues. Organizations are increasingly called upon to navigate a complex cybersecurity landscape which is more than just potential threats and attacks. It also includes the complexity and sheer volume of software. This requires going beyond “security by compliance” and utilizing comprehensive risk assessment, appropriate prioritization of resou

By Deeba Ahmed Undetected for Over 11 Months, AsyncRAT Lurked on Systems of Sensitive US Agencies with Critical Infrastructures, reports the… This is a post from HackRead.com Read the original post: AsyncRAT Infiltrates Key US Infrastructure Through GIFs and SVGs

You asked for it and it’s finally here! The inaugural BlueHat India conference will be held April 18-19, 2024, in Hyderabad, India! This intimate conference will bring together a unique blend of security researchers and responders, who come together as peers to exchange ideas, experiences, and learnings in the interest of creating a safer and more secure world for all.

Windows Event logs are the main source of information for defensive security teams to identify threats and for administrators to troubleshoot errors. The logs are… Continue reading → Persistence – Event Log

Windows Event logs are the main source of information for defensive security teams to identify threats and for administrators to troubleshoot errors. The logs are… Continue reading → Persistence – Event Log

Researchers have found flaws in the way SMTP servers handle messages, allowing them to send spoofed emails to and from targets.

Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group