Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)

October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has been found being exploited in the wild. But, first and foremost, it should be noted that the two MS Exchange zero-days under active exploitation (CVE-2022-41040 and CVE-2022-41082, aka ProxyNotShell) have still not been patched, and administrators must make do with Microsoft’s guidance on how to mitigate them until the fixes are ready.

Read full article on Help Net Security

 


Date:

Categorie(s):