Mike Walters of Action1 tells Dark Reading that the zero-day exploit specifically affects the JScript9 scripting language, which is Microsoft’s legacy JavaScript dialect, used by the Internet Explorer browser.
“CVE-2022-37968, [a] connect elevation of privilege vulnerability, has a rare CVSS score of 10,” said Mike Walters, VP of vulnerability and threat research at Action1.
“The Windows COM+ Event System Service is launched by default with the operating system and is responsible for providing notifications about logons and logoffs,” says Mike Walters.
Mike Walters tells Information Security Media Group that the vulnerability affects IKEv1 and IKEv2. All Windows servers are affected, because they accept packets from both versions.
As Mike Walters, cybersecurity executive and co-founder of Action1, told us, this is the smallest number of vulnerabilities being resolved as part of the monthly Patch Tuesday cycle this year.
Mike Walters, co-founder of Action1, warned security teams to pay attention to CVE-2022-34724, a denial of service vulnerability in Windows DNS Server, which he said was likely to be exploited.
“An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable remote code execution,” warned Action1 co-founder, Mike Walters.
CVE-2022-37969’s low complexity makes it a concern, according to Mike Walters, the cybersecurity executive and cofounder of Action1.
“Since the vulnerability has low complexity and requires no user interaction, an exploit will likely soon be in the arsenal of both white hats and black hats,” Mike Walters, co-founder of Action1, wrote in an analysis provided to Dark Reading.
Mike Walters, co-founder of Action1, told Spiceworks, “This is the latest in a set of NFS vulnerabilities that Microsoft has been fixing monthly. It began in May when NFSv2 was fixed.”
“These vulnerabilities enable a network attack that does not require any action from the user,” explained Action1 co-founder, Mike Walters.
Action1 was recognized among the most interesting products of the month.
“Windows CSRSS Elevation of Privilege, tracked as CVE-2022-22047, is critical because it is actively exploited in the wild,” says Mike Walters, co-founder of Action1.
Mike Walters, co-founder of Action1, added: “Vulnerabilities of this type are great for taking control over a workstation or server when they are paired with phishing attacks that use Office documents with macros.”
Action1 Corp., a risk-based patch management software company in Houston, added features to its solution offering.
Action1 released a new version of the platform, empowering MSPs and IT departments to mitigate and remediate security vulnerabilities on their managed endpoints more efficiently.
News about the Action1 service update in the daily news roundup.
‘The benefit of having a platform with a strong vulnerability management system is important for clients, and that is a focus of Action1,’ says Action1 President Mike Walters.
Why is it important to automate patching not only for OS, but also for 3rd-party software such as web browsers? Read on to find out in a column by Mike Walters, President and Co-Founder of Action1.
Paul Barker’s article covers the Action1 2022 SMB IT Security Needs Report in great detail.