Complete Story
 

03/09/2022

VERT Threat Alert: March 2022 Patch Tuesday Analysis

The State of Security

Today’s VERT Alert addresses Microsoft’s March 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-989 on Wednesday, March 9th.

In-The-Wild & Disclosed CVEs

CVE-2022-21990

CVE-2022-21990 describes a code execution vulnerability within Remote Desktop Client. The vulnerability requires that a malicious actor control the Remote Desktop Server to which the client has connected. Upon connecting to the malicious server, code is executed on the client system. While Microsoft has said that exploitation is more likely, the fact that an attacker must control a malicious server and t

Read more...

Printer-Friendly Version