Microsoft issues out-of-band security patch; vulnerability disclosed

Updated on 2022-09-26: Microsoft out-of-band security update

Microsoft released an out-of-band security update last week for its Microsoft Endpoint Configuration Manager app to address a security issue known as CVE-2022-37972, which was set to be described for the first time at the BSidesKC security conference this weekend. Read more: Microsoft Endpoint Configuration Manager Spoofing Vulnerability: CVE-2022-37972

Overview: Microsoft issues out-of-band security patch; vulnerability disclosed

SecurityWeek: Microsoft released an out-of-band security patch this week for its Endpoint Configuration Manager to fix a flaw that could’ve made it easier for attackers to move around an organization’s network, which attackers find useful when trying to deploy ransomware. The bug is tracked as CVE-2022-37972 and discovered by @TechBrandon. Admins use the Endpoint Configuration Manager as a device deployment tool, such as pushing apps and updates to employees over the network. You can probably see why a ransomware actor would find that level of access helpful.

🚨🚨🚨🚨🚨 https://t.co/j4FerZD9Ds

— Sean Gallagher (@thepacketrat) September 21, 2022

Regarding the recent #ConfigMgr #SCCM vulnerability, I wanted to clear up a few questions and explain the attack surface. I'll be demonstrating these attacks @_BSidesKC and @hthackers. Checkout the screenshot for details and this blog for background: https://t.co/v9UeI9BlA2 pic.twitter.com/FpAZeB3rLn

— Tech Brandon (@TechBrandon) September 22, 2022

Read more in

• Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks
• SCCM Hotfix KB15498768 NTLM connection Fallback Update