Skip to Content

Microsoft issues out-of-band security patch; vulnerability disclosed

Updated on 2022-09-26: Microsoft out-of-band security update

Microsoft released an out-of-band security update last week for its Microsoft Endpoint Configuration Manager app to address a security issue known as CVE-2022-37972, which was set to be described for the first time at the BSidesKC security conference this weekend. Read more: Microsoft Endpoint Configuration Manager Spoofing Vulnerability: CVE-2022-37972

Overview: Microsoft issues out-of-band security patch; vulnerability disclosed

SecurityWeek: Microsoft released an out-of-band security patch this week for its Endpoint Configuration Manager to fix a flaw that could’ve made it easier for attackers to move around an organization’s network, which attackers find useful when trying to deploy ransomware. The bug is tracked as CVE-2022-37972 and discovered by @TechBrandon. Admins use the Endpoint Configuration Manager as a device deployment tool, such as pushing apps and updates to employees over the network. You can probably see why a ransomware actor would find that level of access helpful.

Read more in

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.