Project of AEREZONA DEVELOPERS. Contact Us at: +92-300-3308001 email at: [email protected]
HomeTech NewsCybersecurityEmergency patch for Microsoft Endpoint Configuration Manager released

Emergency patch for Microsoft Endpoint Configuration Manager released

Published on

- Advertisement -

Admins should update Microsoft’s IT management solution, Endpoint Configuration Manager. Attacks could be imminent.

 

With Microsoft Endpoint Configuration Manager, admins manage PCs and servers in companies. Attackers could now target a security gap that is already public knowledge. If attacks are successful, access to sensitive information is possible. A security patch is available.

- Advertisement -

 

Normally, Microsoft only releases security updates once a month on patch day. This vulnerability (CVE-2022-37972 “high“), the group obviously classifies it as so dangerous that there is an emergency patch (KB 15498768). The update is available for Endpoint Configuration Manager versions 2103 to 2207. If an edition older than 2103 is used, admins should update to a more recent version.

As can be seen from a warning message, the vulnerability is already public knowledge, but so far there have been no attacks. Microsoft is not currently providing specific information on the gap and possible attack scenarios.

The vulnerability seems to be in a fallback to the NTLM authentication method. The update is intended to ensure that this fallback does not take place. Microsoft recommends disabling this option in all environments where it is possible for security reasons.

- Advertisement -

- Advertisement -

Latest articles

Huawei Mate X3 may launch soon with new hinge and SD 8 Gen 2, says rumor

After launching the Mate 50 line, Huawei is now starting to focus on the...

Apple Watch saving lives in Spain.

Apple Watch saving lives, a Spanish doctor diagnosed a woman's heart attack on time...

More like this