Head Topics

Microsoft's Patch Tuesday fixes one bug under active exploit

  • 📰 TheRegister
  • ⏱ Reading Time:
  • 46 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 22%
  • Publisher: 61%

United Kingdom Headlines News

United Kingdom Latest News,United Kingdom Headlines

Microsoft's July Patch Tuesday fixes actively exploited bug

are two more critical vulns in the Windows Network File System , which has needed patches for critical RCE flaws in the past few months. While the July fixes received a lower CVSS score compared to previous months' — the latest ones received 8.1 and 7.5 severity scores, respectively, compared to9.8 CVSS rating — as with the earlier NFS bugs, they could be exploited over the network by a unauthenticated attacker and used to remotely execute malicious code.

Redmond considers the attack complexity high for both. Exploiting CVE-2022-22029,"requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data," the software giant explained. Meanwhile, CVE-2022-22039 would require a miscreant to win a race condition., is a remote procedure call runtime RCE in Windows that received a CVSS score of 8.1.

"Unless you are actively blocking RPC activity, you may not see these attempts," ZDI's Dustin Childs explained."If the exploit complexity were low, which some would argue since the attempts could likely be scripted, the CVSS would be 9.8. Test and deploy this one quickly."Adobe also had a slow-ish July Patch Tuesday, compared to last month, and fixed 27 vulnerabilities across its RoboHelp, Acrobat and Reader, Character and Animator, and Photoshop products.

 

Thank you for your comment. Your comment will be published after being reviewed.
Please try again later.
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

 /  🏆 67. in UK

United Kingdom Latest News, United Kingdom Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

A modder has cancelled their ambitious Sonic Origins mod because the game is ‘absolute s**t’ | VGCA modder has abandoned their ambitious Sonic Origins mod, because they say the process has made it clear 'the game is absolute shit'. I could have worked that out from the fact that it has 'Sonic' in the title. TCGSco jcafarley 🤣 When real life meets HardDriveMag
Source: VGC_News - 🏆 125. / 51 Read more »

NASA's first Webb Telescope shot puts everything into perspectiveFirst photo from the new space telescope reveals a tiny patch of sky in magnificent detail.
Source: CreativeBloq - 🏆 40. / 65 Read more »

Xbox Series X|S figures double Xbox One lifetime sales in JapanMicrosoft's focus on the Japanese market is starting to bear fruit, with Xbox Series X|S lifetime sales figures already having doubled that of the Xbox One in the country. Hell yeah Great. Hopefully we might get more games by Japanese studios instead of all of them being on PS and Nintendo good news and I want play more Japan games.
Source: TrueAchievement - 🏆 31. / 68 Read more »

“Adam Collard is back on Love Island – is this really how we reward men’s bad behaviour?”'It is a bitter pill to swallow, then, that the man heralded as a “mass manipulator” is now being celebrated with a victorious return to the LoveIsland villa.'
Source: StylistMagazine - 🏆 133. / 51 Read more »

Even robots have the right to learn from open sourceJust because it's Microsoft doesn't mean it's wrong I agree they should, they would need a balance of media or they with all end up crazy and kill us, and human are odd, not two ways about it imo!
Source: TheRegister - 🏆 67. / 61 Read more »

UK Ministry of Defence awards Boxxe Microsoft license dealContract seeks 'support with the renewal and running of Microsoft Enterprise Agreement'
Source: TheRegister - 🏆 67. / 61 Read more »