One Article Review
| Source |  Schneier on Security |
|---|---|
| Identifiant | 8293677 |
| Date de publication | 2022-12-22 12:01:37 (vue: 2022-12-22 12:07:05) |
| Titre | Critical Microsoft Code-Execution Vulnerability |
| Texte | A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Also, like EternalBlue, it’s wormable, meaning that a single exploit can trigger a chain reaction of self-replicating follow-on exploits on other vulnerable systems. The wormability of EternalBlue allowed WannaCry and several other attacks to spread across the world in a matter of minutes with no user interaction required... |
| Envoyé | Oui |
| Condensat | 2022 37958 across allowed allows also attackers attacks authentication can chain code critical cve eternalblue execute execution exploit exploits follow how interaction it’s just latest like malicious matter meaning microsoft minutes other patched reaction realized replicating required researchers seems self september serious several single spread systems tracked trigger user vulnerability vulnerable wannacry windows world wormability wormable |
| Tags | Vulnerability |
| Stories | Wannacry Wannacry |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.