Critical Update on Microsoft SW

favicon

CloudWize is the first out-of-the-box Cloud Security Center of Excellence (CSCoE) solution that helps companies easily guard their cloud by having maximum cloud security and compliance with minimal effort. Get 360° protection from architecture design to runtime and have peace of mind.

On Tuesday, October 10th, Microsoft released an update that fixed 84 security flaws, warning that attackers are launching zero-day attacks. 

What is it exactly? 

CVE-2022-41033 is an elevation of privilege (EoP) vulnerability in the Windows COM+ Event System Service, which automatically distributes events to Component Object Model (COM) components. NIST scored it 7.8.

13 of the 84 vulnerabilities carry the highest “critical” severity rating, 71 as important and 1 as moderate. The number of bugs in each vulnerability category is listed below:

39 Elevation of Privilege Vulnerabilities

2 Security Feature Bypass Vulnerabilities

20 Remote Code Execution Vulnerabilities

11 Information Disclosure Vulnerabilities

8 Denial of Service Vulnerabilities

4 Spoofing Vulnerabilities

By updating CVEs regularly, CloudWize users are alerted to relevant critical vulnerabilities immediately and can easily remediate them.

We recommend updating your Microsoft software.  

Watch in CloudWize platform:

Join our weekly demo

Once a week our CEO, Chen Goldberg is giving a group demo. 

In this demo he’s showing how to gain maximum cloud security and compliance using CloudWize platform. 

We use cookies and tracking technologies to improve your experience on our website and for analytics purposes. By using and accessing this site, you agree to our Terms of Use and Privacy Policy