Critical Vulnerability in Microsoft Windows / SPNEGO Extended Negotiation (NEGOEX) Security Mechanism - Remote Code Execution Vulnerability

A vulnerability in Microsoft Windows in the SPNEGO Extended Negotiation (NEGOEX) security mechanism is now rated critical. IT administrators should quickly apply the security patch.

A vulnerability in the SPNEGO Extended Negotiation (NEGOEX) security mechanism is now rated critical (CSVV 8.1). The vulnerability (CVE-2022-37958) allows an attacker to execute malicious code.

heise.de writes: "Affected are all Windows versions from Windows 7 to Windows 11, including Windows RT 8.1, as well as Windows Server 2008 R2 to Server 2022. If not already done, administrators should install the security patch to close the vulnerability quickly now."

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37958

https://www.heise.de/news/Codeschmuggel-moeglich-Microsoft-stuft-Sicherheitsluecke-auf-kritisch-herauf-7396879.html

Status: 16.12.2022, 16:00 / mh