- IT 리더가 지목한 AI 가치 실현의 최대 걸림돌은 ‘비용 관리’
- Los CIO consideran que la gestión de costes puede acabar con el valor de la IA
- 칼럼 | AI 에이전트, 지금까지의 어떤 기술과도 다르다
- The $23 Echo Dot deal is a great deal to upgrade your smart home this Black Friday
- Amazon's Echo Spot smart alarm clock is almost half off this Black Friday
Tripwire Patch Priority Index for February 2022 | The State of Security
Tripwire’s February 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.
First on the patch priority list this month is a vulnerability for Microsoft Windows LSA (CVE-2021-36942). This vulnerability has been added to Metasploit Exploit Framework and any vulnerable systems should be patched as soon as possible.
Up next are patches for Microsoft Edge that resolve over 20 vulnerabilities such as user after free, type confusion, heap buffer overflow, tampering, and elevation of privilege vulnerabilities.
Following Edge are patches for Microsoft Office, Excel, Outlook, Teams, and Visio. These patches resolve 7 vulnerabilities, including security feature bypass, remote code execution, denial of service, and information disclosure vulnerabilities.
Next are patches that affect components of the Windows operating systems. These patches resolve over 20 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, DWM Core Library, Windows Defender, NFS, Print Spooler, Named Pipe File System, and others.
Next are patches for the .NET Framework that resolve a denial of service vulnerability in the Kestrel Web Server and a remote code execution vulnerability in Visual Studio Code.
Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, Dynamics, DNS, SQL Server, and Power BI. These patches resolve numerous issues including remote code execution, elevation of privileges, security feature bypass, and spoofing vulnerabilities.
BULLETIN |
CVE |
CVE-2021-36942 |
|
CVE-2022-0452, CVE-2022-0453, CVE-2022-0454, CVE-2022-0455, CVE-2022-0456, CVE-2022-0457, CVE-2022-0458, CVE-2022-0459, CVE-2022-0460, CVE-2022-0461, CVE-2022-0462, CVE-2022-0463, CVE-2022-0464, CVE-2022-0465, CVE-2022-0466, CVE-2022-0467, CVE-2022-0468, CVE-2022-0469, CVE-2022-0470, CVE-2022-23263,CVE-2022-23262,CVE-2022-23261 |
|
CVE-2022-23280 |
|
CVE-2022-21988 |
|
CVE-2022-21965 |
|
CVE-2022-22716 |
|
CVE-2022-22004, CVE-2022-22003, CVE-2022-23252 |
|
CVE-2022-22002, CVE-2022-21989, CVE-2022-21992, CVE-2022-21994, CVE-2022-22001, CVE-2022-21985, CVE-2022-21971, CVE-2022-21996, CVE-2022-21974, CVE-2022-21993, CVE-2022-21997, CVE-2022-21999, CVE-2022-22717, CVE-2022-22718, CVE-2022-22710, CVE-2022-21981, CVE-2022-22000, CVE-2022-21998, CVE-2022-22715 |
|
CVE-2022-21986 |
|
CVE-2022-21991 |
|
CVE-2022-22005, CVE-2022-21968, CVE-2022-21987 |
|
CVE-2022-21984 |
|
CVE-2022-22712, CVE-2022-21995 |
|
CVE-2022-23272, CVE-2022-23273, CVE-2022-23271, CVE-2022-23274, CVE-2022-23269, CVE-2022-21957 |
|
CVE-2022-23276 |
|
CVE-2022-23254 |