Skip to main content

Microsoft Releases Out-of-Band Security Update for Microsoft Endpoint Configuration Manager

Microsoft security update addresses a spoofing vulnerability in Endpoint Configuration Manager

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Microsoft security update addresses a spoofing vulnerability in Endpoint Configuration Manager


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

Microsoft has released an out-of-band security update for CVE-2022-37972, which is a spoofing vulnerability in Microsoft Endpoint Configuration Manager. The vulnerability is rated as High and an attacker could exploit it to obtain sensitive information.


Remediation advice

Affected organisations are encouraged to read Microsoft's guidance Microsoft Endpoint Configuration Manager Spoofing Vulnerability CVE-2022-37972 and apply the relevant updates as soon as practicable.



Last edited: 22 September 2022 1:04 pm