Tag
#microsoft
Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData.
Printix Secure Cloud Print Management 1.3.1035.0 incorrectly uses Privileged APIs.
Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled.
本ブログは、Cyber threat activity in Ukraine: analysis and resources – Microsoft Security Response Center の抄訳版です。最新の情報は原文を参照してください。 2022 年
Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2022. I release it pretty late, because of the my previous big episode about the blindspots in the Knowledge Bases of Vulnerability Scanners. Please take a look if you haven’t seen it. Well, if you are even slightly interested in the world news, […]
UPDATE 27 Apr 2022: See Updated malware details and Microsoft security product detections below as discussed in the Special Report: Ukraine. UPDATE 02 MAR 2022: See Updated malware details and Microsoft security product detections below for additional insights and protections specific to the evolving threats we have identified impacting organizations with ties to Ukraine.
UPDATE 27 Apr 2022: See Updated malware details and Microsoft security product detections below as discussed in the Special Report: Ukraine. UPDATE 02 MAR 2022: See Updated malware details and Microsoft security product detections below for additional insights and protections specific to the evolving threats we have identified impacting organizations with ties to Ukraine.
Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process.
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured.
A Path Traversal vulnerability for a log file in LiveConfig 2.12.2 allows authenticated attackers to read files on the underlying server.