Searching
..

Click anywhere to stop

KLA12481
Multiple vulnerabilities in Microsoft System Center

Обновлено: 09/03/2022
Дата обнаружения
08/03/2022
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Microsoft Defender for IoT can be exploited remotely to execute arbitrary code.
  2. An elevation of privilege vulnerability in Microsoft Defender for IoT can be exploited remotely to gain privileges.
  3. A spoofing vulnerability in Microsoft Defender for Endpoint can be exploited remotely to spoof user interface.
Пораженные продукты

Microsoft Defender for Endpoint for Windows
Microsoft Defender for IoT

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2022-23265
CVE-2022-23266
CVE-2022-23278
Оказываемое влияние
?
ACE 
[?]

PE 
[?]

SUI 
[?]
KB list

5011487
5011485
5011580
5011493
5011503
5011497

Узнай статистику распространения уязвимостей в твоем регионе