are two more critical vulns in the Windows Network File System , which has needed patches for critical RCE flaws in the past few months. While the July fixes received a lower CVSS score compared to previous months' — the latest ones received 8.1 and 7.5 severity scores, respectively, compared to9.8 CVSS rating — as with the earlier NFS bugs, they could be exploited over the network by a unauthenticated attacker and used to remotely execute malicious code.
Redmond considers the attack complexity high for both. Exploiting CVE-2022-22029,"requires an attacker to invest time in repeated exploitation attempts through sending constant or intermittent data," the software giant explained. Meanwhile, CVE-2022-22039 would require a miscreant to win a race condition., is a remote procedure call runtime RCE in Windows that received a CVSS score of 8.1.
"Unless you are actively blocking RPC activity, you may not see these attempts," ZDI's Dustin Childs explained."If the exploit complexity were low, which some would argue since the attempts could likely be scripted, the CVSS would be 9.8. Test and deploy this one quickly."Adobe also had a slow-ish July Patch Tuesday, compared to last month, and fixed 27 vulnerabilities across its RoboHelp, Acrobat and Reader, Character and Animator, and Photoshop products.
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Source: VGC_News - 🏆 125. / 51 Read more »
Source: CreativeBloq - 🏆 40. / 65 Read more »
Source: TrueAchievement - 🏆 31. / 68 Read more »
Source: StylistMagazine - 🏆 133. / 51 Read more »
Source: TheRegister - 🏆 67. / 61 Read more »
Source: TheRegister - 🏆 67. / 61 Read more »