Updated on 2022-09-26: Microsoft out-of-band security update
Microsoft released an out-of-band security update last week for its Microsoft Endpoint Configuration Manager app to address a security issue known as CVE-2022-37972, which was set to be described for the first time at the BSidesKC security conference this weekend. Read more: Microsoft Endpoint Configuration Manager Spoofing Vulnerability: CVE-2022-37972
Overview: Microsoft issues out-of-band security patch; vulnerability disclosed
SecurityWeek: Microsoft released an out-of-band security patch this week for its Endpoint Configuration Manager to fix a flaw that could’ve made it easier for attackers to move around an organization’s network, which attackers find useful when trying to deploy ransomware. The bug is tracked as CVE-2022-37972 and was discovered by @TechBrandon. Admins use the Endpoint Configuration Manager as a device deployment tool, such as pushing apps and updates to employees over the network. You can probably see why a ransomware actor would find that level of access helpful.
— Sean Gallagher (@thepacketrat) September 21, 2022
Regarding the recent #ConfigMgr #SCCM vulnerability, I wanted to clear up a few questions and explain the attack surface. I'll be demonstrating these attacks @_BSidesKC and @hthackers. Check out the screenshot for details and this blog for background: https://t.co/v9UeI9BlA2 pic.twitter.com/FpAZeB3rLn
— Tech Brandon (@TechBrandon) September 22, 2022