Security News

Three days have passed since Microsoft's latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. CVE-2022-26809 is a remote code execution vulnerability in Microsoft Remote Procedure Call runtime and affects a wide variety of Windows and Windows Server versions.

Microsoft has fixed a new Windows RPC CVE-2022-26809 vulnerability that is raising concerns among security researchers due to its potential for widespread, significant cyberattacks once an exploit is developed.If exploited, any commands will be executed at the same privilege level as the RPC server, which in many cases has elevated or SYSTEM level permissions, providing full administrative access to the exploited device.

The Cybersecurity and Infrastructure Security Agency has added ten new security bugs to its list of actively exploited vulnerabilities, including a high severity local privilege escalation bug in the Windows Common Log File System Driver. According to a binding operational directive issued in November, all Federal Civilian Executive Branch Agencies agencies must secure their systems against this security flaw after being added to CISA's catalog of Known Exploited Vulnerabilities.

A proof-of-concept exploit has been released online for the VMware CVE-2022-22954 remote code execution vulnerability, already being used in active attacks that infect servers with coin miners. The vulnerability is a critical remote code execution impacting VMware Workspace ONE Access and VMware Identity Manager, two widely used software products.

Apache has fixed a critical vulnerability in its vastly popular Struts project that was previously believed to have been resolved but, as it turns out, wasn't fully remedied. Tracked as CVE-2021-31805, the critical vulnerability exists in Struts 2 versions from 2.0.0 up to and including 2.5.29.

CISA adds 8 known security vulnerabilities as priorities to patch. The Cybersecurity & Infrastructure Security Agency, or CISA, maintains a database of known security vulnerabilities.

Microsoft's massive April Patch Tuesday includes one bug that has already been exploited in the wild and a second that has been publicly disclosed. While its severity score didn't rank as high as some on today's list - it received a 7.8 CVSS score aka "Important" - Microsoft stated its attack complexity low.

Today is Microsoft's April 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 119 flaws. [...]

Week in review: Disrupted Cyclops Blink botnet, public software apps at risk, Patch Tuesday forecast
Log4Shell exploitation: Which applications may be targeted next?Spring4Shell has dominated the information security news these last six days, but Log4Shell continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild. Security flaws found in 82% of public sector software applicationsVeracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest fix rates compared to other industry sectors.

Microsoft announced that Windows Autopatch, a service designed to automatically keep Windows and Office software up to date, will be released in July 2022. Windows Autopatch is a new managed service offered for free to all Microsoft customers who already have a Windows 10/11 Enterprise E3 or above license.