all InfoSec news
Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925)
Help Net Security www.helpnetsecurity.com
May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack (CVE-2022-26925) and two publicly known vulnerabilities (CVE-2022-29972 and CVE-2022-22713). Vulnerabilities of particular note First and foremost, we have CVE-2022-26925, an “important” spoofing vulnerability in Windows Local Security Authority (LSA) that may turn into a “critical” one if combined with NTLM relay attacks. “Being actively exploited in the wild, this [vulnerability] allows … More →
The post …
0 day active directory attack cve don't miss immersive labs microsoft orca security patches patch tuesday security update spoofing tenable trend micro under windows