4Articles
3Categories
2022-04-05Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
5 AprMicrosoft’s Response to CVE-2022-22965 Spring FrameworkSummary Summary Microsoft used the Spring Framework RCE, Early Announcement to inform analysis of the remote code execution vulnerability, CVE-2022-22965, disclosed on 31 Mar 2022. We have not to date noted any impact to the security of our enterprise services and have not experi…MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 2[−]
5 Apr114: HDHD Moore (https://twitter.com/hdmoore) invented a hacking tool called Metasploit. He crammed it with tons of exploits and payloads that can be used to hack into computers. What could possibly go wrong? Learn more about what HD does today by visiting rumble.run/. Sponsors Support …DARKNETDIARIES.COM
5 AprRandomizing the KUSER_SHARED_DATA Structure on WindowsWindows 10 made a lot of improvements in Kernel Address Space Layout Randomization (KASLR) that increases the cost of exploitation, particularly for remote code execution exploits. Many kernel virtual address space (VAS) locations including kernel stacks, pools, system PTEs etc. …MSRC.MICROSOFT.COM
📡 INFOSEC NEWS 1[−]
5 AprOn-Premises Servers Products are Here! Introducing the Applications and On-Premises Servers Bug Bounty ProgramMicrosoft is excited to announce the addition of Exchange on-premises, SharePoint on-premises, and Skype for Business on-premises to the Applications and On-Premises Servers Bounty Program. Through this expanded program, we encourage researchers to discover and report high-impact…MSRC.MICROSOFT.COM