1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • The latest Microsoft Patch Tuesday release fixes over 100 serious

    From TechnologyDaily@1337:1/100 to All on Wed Apr 13 15:00:03 2022
    The latest Microsoft Patch Tuesday release fixes over 100 serious bugs

    Date:
    Wed, 13 Apr 2022 13:48:28 +0000

    Description:
    Numerous privilege escalation flaws addressed in latest Microsoft Patch Tuesday release.

    FULL STORY ======================================================================

    Patch Tuesday may be headed for Valhalla in the summer, but that doesnt mean Microsoft will stop plugging holes until it does.

    The April 2022 Patch Tuesday was just released, and it features more than 100 fixes to serious bugs. All in all, 128 vulnerabilities were addressed, in a number of Microsoft products, including Windows, the antivirus tool Defender, Office, and many others.

    Of all the bugs, 10 were rated as critical, while the majority (115) as important. Three are moderate, one publicly known, and one actively
    exploited. Privilege escalation

    The actively exploited one is tracked as CVE-2022-24521, and is an elevation of privilege vulnerability found in the Windows Common Log File System
    (CLFS). Discovered by researchers from the National Security Agency (NSA) and cybersecurity firm CrowdStrike, it carries a severity score of 7.8.

    The publicly known one is a zero-day tracked as CVE-2022-26804. It is also a endpoint privilege escalation flaw, found in the Windows USer Profile
    Service. It carries a severity score of 7.0, but requires an attacker to win
    a race condition in order to exploit it.

    Other notable mentions include remote code execution vulnerabilities in RPC Runtime Library, Windows Network File System, Windows Server Service, Windows SMB, and Microsoft Dynamics 365.

    The company has also addressed 18 flaws in Windows DNS Server, including 17 remote execution flaws. Furthermore, it patched 15 holes that allowed escalation of privilege in the Windows Print Spooler. Read more

    Microsoft is ready to kill off Patch Tuesday as we know it



    Latest Microsoft Patch Tuesday release is the smallest for some time, but
    still fixed some serious bugs



    Microsoft fixes bug that stops Windows 11 from erasing user data after a
    reset

    Microsoft has revealed it will be retiring Patch Tuesday within the next few months, replacing it with a new Windows Autopatch service that it says will keep all business computers and Office software up to date automatically.

    Customers with at least a Windows 10 or Windows 11 Enterprise E3 license will be eligible for the new service, which is set to go live in July.

    Microsoft Autopatch will split the devices into three groups, or testing rings, to make sure every process goes smoothly and without trouble. No security stack is complete without a solid firewall

    Via: HackerNews



    ======================================================================
    Link to news story: https://www.techradar.com/news/the-latest-microsoft-patch-tuesday-release-fixe s-over-100-serious-bugs/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)