Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

A Quick CVE-2022-21907 FAQ (work in progress), (Wed, Jan 12th)

published on 2022-01-13 21:19:57 UTC by
Content:
Quick summary: There has been relatively little news after the vulnerability was released. I think a couple of things are happening: (1) This is a relatively straightforward Windows patch. Unlike for example log4j, inventory is less of an issue here. Enterprises tend to have a reasonably good handle on patching Windows. (2) Just like prior http.sys vulnerabilities, this one is likely not that easy to exploit. We will see what happens and there could still be a surprise out there. So keep patching. There is one unverified exploit claim so far.
Article: A Quick CVE-2022-21907 FAQ (work in progress), (Wed, Jan 12th) - published almost 3 years ago.

https://isc.sans.edu/diary/rss/28234   
Published: 2022 01 13 21:19:57
Received: 2022 01 12 03:02:18
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 1

Custom HTML Block

Click to Open Code Editor