#cybersecurity #exploits
#KB5013942

CVE-2022-26925 8.1/9.8 (Aggregated) Spoofing could allow an unauthenticated attacker to force a domain controller to authenticate against another server using Windows New Technology LAN Manager (NTLM). Microsoft notes this would be a CVSS 9.8 if combined with NTLM relay attacks, making this vulnerability potentially more severe.

Additionally, it was confirmed that KB5013942, & KB5013943 “which are related to Windows 10 & 11 are causing authentication failure, System admins can follow this article to solve the issue if they encountered it, Microsoft is investigation the root cause of the issue
https://support.microsoft.com/en-us/topic/ad2c23b0-15d8-4340-a468-4d4f3b188f16#bkmk_certmap

It is important to follow patch management procedures, by identify weakness in systems, and ensure relevant patches are first tested whenever possible, then enrolled to production in batches to ensure maximum stability.
Also, efforts shall be made to patch end user PCs and laptops to ensure it is secure because it is connected to internet, while not all servers are, so patching for end user PCs

CVE-2022-26937 9.8 Remote code execution You can mitigate an attack by disabling NFSV2 and NFSV3, follow this link it affects all Windows editions
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26937

Contact us
Telegram
https://t.me/techvortex

Facebook Group
https://www.facebook.com/groups/1012323126181044

Facebook Page
https://www.facebook.com/techvortex.official

This video is a result of hard work, dedicated time and preparation and years of experience, Please like, Subscribe and Share and tell us your comment