Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days (www.theregister.com)
from BrikoX@lemmy.zip to cybersecurity@sh.itjust.works on 22 Apr 01:42
https://lemmy.zip/post/36948041

It’s now hitting govt, enterprise targets

#cybersecurity

threaded - newest

lath@lemmy.world on 22 Apr 02:43 next collapse

This would be fate of all government mandated backdoors.

taladar@sh.itjust.works on 22 Apr 16:45 collapse

Only for those it would happen in 8s.

mutual_ayed@sh.itjust.works on 23 Apr 05:39 collapse

*pedantic hat

If it’s a backdoor it’s by nature already exploited

01189998819991197253@infosec.pub on 23 Apr 02:38 next collapse

What’s the CVE score?

Sorry. Bad joke on our pain…

mutual_ayed@sh.itjust.works on 23 Apr 05:38 collapse

CISA picked up funding for the CVE database

cybernews.com/…/cve-database-funding-extended-cis…

01189998819991197253@infosec.pub on 24 Apr 01:13 collapse

This made my day!

Edit: also, this is from 17-APR, and it’s the first I’m seeing this. I wish I could say I’ve been under a rock, but I was literally looking for, and reading, multiple articles on this near daily, and missed this…

x00z@lemmy.world on 23 Apr 03:42 next collapse

Patch Tuesday is far worse. 8 days is well within the 30 day window they use for releasing exploit fixes. So it isn’t even weird. This stuff happens all the time if you don’t push security fixes as soon as possible. They prefer to have a nice little monthly day to make the life of companies easier, but it’s highly unsafe.

untakenusername@sh.itjust.works on 24 Apr 03:01 collapse

mb guys