{"id":8337,"date":"2022-08-03T10:11:50","date_gmt":"2022-08-03T10:11:50","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8337"},"modified":"2023-02-17T13:29:10","modified_gmt":"2023-02-17T20:29:10","slug":"dhs-cisa-kevs-weekly-edition-13-patch-before-you-hit-the-deadline","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/dhs-cisa-kevs-weekly-edition-13-patch-before-you-hit-the-deadline\/","title":{"rendered":"DHS CISA KEVs Weekly Edition 13: Patch Before you Hit the Deadline"},"content":{"rendered":"

Every week, we bring to you the CVEs that need to be patched, as recommended by CISA. This week, there is only one CVE (CVE-2022-22047) which needs to be patched by the 2nd of August 2022. Our team has analyzed this CVE and here are the findings:<\/p>\n

\"\"<\/p>\n

This CVE, discovered in 2022, is found in Windows\u00a0 Client Server Runtime Subsystem (CSRSS) and can be used to execute code remotely. It arises due to an improper privilege management flaw (CWE-269). This was discovered as a zero-day vulnerability and a patch was made available on Microsoft\u2019s Patch Tuesday.<\/p>\n

Recently, this CVE was exploited by the PSOA Knotweed with a special spyware kit, SubZero. If exploited, it could lead to complete take-over of the system and information. Hence, Microsoft has urged all its Windows CSRSS users to patch this vulnerability immediately.<\/p>\n

For more information on the Knotweed incident, check out our\u00a0weekly threat blog<\/a>.<\/p>\n

This CVE has no known ransomware or APT group associations.<\/p>\n

 <\/p>\n