PATCHED Windows Server 2008 R2 SP1 X32 ESD ENU APRIL 2018: A Complete Guide
the second zero-day vulnerability is cve-2022-24500, and it is a remote code execution vulnerability. this vulnerability is in the windows smb stack, and allows remote code execution on the target windows machine if an attacker is able to escalate privileges from a user context. the target of the vulnerability can be a user, but is more likely to be a local administrator. this vulnerability is rated with a cvss score of 7.3, which makes it an important vulnerability.
PATCHED Windows Server 2008 R2 SP1 X32 ESD ENU APRIL 2018
this week's patch tuesday release was huge, diverse, risky, and urgent, with late update arrivals for microsoft browsers ( cve-2022-1364 ) and two zero-day vulnerabilities affecting windows ( cve-2022-26809 and cve-2022-24500 ). fortunately, microsoft has not released any patches for microsoft exchange, but this month we do have to deal with more adobe (pdf) printing related vulnerabilities and associated testing efforts. we have added the windows and adobe updates to our patch now schedule, and will be watching closely to see what happens with any further microsoft office updates.
cve-2022-26904 is an eop vulnerability in the windows user profile service. it received a cvssv3 score of 7.0, which rates its severity as important. the attack complexity for this flaw is considered high because it requires an attacker to win a race condition. despite the higher complexity, it is still considered as exploitation more likely. this is the second of two zero-days addressed this month, as details about this vulnerability were publicly disclosed prior to a patch being made available.
the second zero-day vulnerability is cve-2022-24500, and it is a remote code execution vulnerability. this vulnerability is in the windows smb stack, and allows remote code execution on the target windows machine if an attacker is able to escalate privileges from a user context.
https://www.dogha1r.com/group/my-site-1-group/discussion/6ccb57a9-9f26-4337-ac11-6b3260f78249