Microsoft Releases Out-of-Band Security Update for Microsoft Endpoint Configuration Manager

Microsoft security update addresses a spoofing vulnerability in Endpoint Configuration Manager

Threat ID:: CC-4172
Threat Severity:: Medium
Published:: 22 September 2022 1:04 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Microsoft security update addresses a spoofing vulnerability in Endpoint Configuration Manager

Affected platforms

The following platforms are known to be affected:

Versions: 2103-2207

Microsoft Endpoint Configuration Manager

Threat details

Introduction

Microsoft has released an out-of-band security update for CVE-2022-37972, which is a spoofing vulnerability in Microsoft Endpoint Configuration Manager. The vulnerability is rated as High and an attacker could exploit it to obtain sensitive information.

Remediation advice

Affected organisations are encouraged to read Microsoft's guidance Microsoft Endpoint Configuration Manager Spoofing Vulnerability CVE-2022-37972 and apply the relevant updates as soon as practicable.

Definitive source of threat updates

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37972

CVE Vulnerabilities

Status Published

CVE-2022-37972

Microsoft Endpoint Configuration Manager Spoofing Vulnerability.

Last edited: 22 September 2022 1:04 pm