Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-26773PUBLISHED: 2022-05-26A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission.
CVE-2022-26774PUBLISHED: 2022-05-26A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges.
CVE-2022-26775PUBLISHED: 2022-05-26An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.
CVE-2022-26776PUBLISHED: 2022-05-26This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution.
CVE-2022-29632PUBLISHED: 2022-05-26An arbitrary file upload vulnerability in the component /course/api/upload/pic of Roncoo Education v9.0.0 allows attackers to execute arbitrary code via a crafted file.
User Rank: Ninja
7/2/2017 | 11:32:14 AM
that's not a workable response: much software that is essential to its users depends on the MSFT API
still, it's important to think about this problem:
What has happened: a non-secure o/s has been placed into massive use in a network environment in which messages are generally not authenticated and message formats that carry macros and scripts have been incorporated into general use in this non-secure environment
if you wanted to design a system to facilitate hacking you could not do a better job.
the response cannot be immediate termination of the offending components; rather the offending components need to be re-configured into a protected environment such that attack messages cannot get at them
this means moving all vulnerable o/s and apps into protected intranets that do not have open-net access. this will create some additional difficulty as it will block essential communication. to correct this it will be necessary to build and deploy some heavy-duty filters that can require PGP signatures on all inbound messages.
this would be a start
it will need refinement; most likely quarantine of messages of a questionable nature.