A “light” February 2022 Patch Tuesday that should not be ignored

8 February 2022

February 2022 Patch Tuesday is here and it’s all-around “light” – light in fixed CVE-numbered vulnerabilities (51), extremely light in critical fixes (50 are “important” and one is “moderate”), and light in exploited vulnerabilities (none of the vulnerabilities are listed as under active attack). Only one is listed as publicly known – CVE-2022-21989, a Windows Kernel EOP flaw – but while there’s apparently a PoC exploit out there (not necessarily public), “Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.” Microsoft also noted that exploitation of the vulnerability could be performed from a low privilege AppContainer.

Read full article on Help Net Security

Date:

8 February 2022

Categorie(s):

NEWS

Tag(s):

CISA, Immersive Labs, IT, Tenable, Trend Micro

A crafty new Android notification power-up24 April 2024
Binarly releases Transparency Platform v2.0 to improve software supply chain security24 April 2024
ShotSpotter Keeps Listening for Gunfire After Contracts Expire24 April 2024
French security startup BforeAI raises $15M for US expansion and service enhancement24 April 2024
Microsoft uses its genAI leverage against China — prelude to a tech Cold War?24 April 2024