Security News

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. The updates are in addition to 36 flaws patched in the Chromium-based Microsoft Edge browser on April 28, 2022.

Microsoft patched 74 security flaws in its May Patch Tuesday batch of updates. At least one of the vulnerabilities disclosed is under active attack with public exploit code, according to Redmond, while two others are listed as having public exploit code.

May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack and two publicly known vulnerabilities. First and foremost, we have CVE-2022-26925, an "Important" spoofing vulnerability in Windows Local Security Authority that may turn into a "Critical" one if combined with NTLM relay attacks.

Microsoft has addressed an actively exploited Windows LSA spoofing zero-day that unauthenticated attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager security protocol. The vulnerability, tracked as CVE-2022-26925 and reported by Bertelsmann Printing Group's Raphael John, has been exploited in the wild and seems to be a new vector for the PetitPotam NTLM relay attack.

Today is Microsoft's May 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. Of the 75 vulnerabilities fixed in today's update, eight are classified as 'Critical' as they allow remote code execution or elevation of privileges.

Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution. "The vulnerability was specific to the third-party Open Database Connectivity driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime and did not impact Azure Synapse as a whole," the company said.

Microsoft has released security updates to address a security flaw affecting Azure Synapse and Azure Data Factory pipelines that could let attackers execute remote commands across Integration Runtime infrastructure.The Integration Runtime compute infrastructure is used by Azure Synapse and Azure Data Factory pipelines to provide data integration capabilities across network environments package execution).

Microsoft is rolling out its "Security Experts" managed service with an eye on stomping down threats and malware. Microsoft is planning to roll out three such managed services in 2022, one of which became available today.

Microsoft Defender for Endpoint, formerly known as Microsoft Defender Advanced Threat Protection, is the tech giant's enterprise endpoint security platform. VMware Carbon Black Endpoint is an EDR software solution that consolidates multiple endpoint security features into a single platform.

When you install software are you sure it's code you can trust? There are so many questions we need to ask: do you know how that application got to you, how it was built and what third-party software is running under the hood? With no visibility into how that software was built, there was no way to know that that software shouldn't be trusted.