Видяшечка про июльский Microsoft Patch Tuesday и про то, что Microsoft творит дичь

Добавить комментарий

Видяшечка про июльский Microsoft Patch Tues­day и про то, что Microsoft творит дичь. В принципе все то же, о чем тут писал. Ну и про репорт майкрософтовский тоже накинул немножко для затравки. 🙂

—-

Hel­lo every­one! Microsoft has been act­ing weird late­ly. I mean the recent pub­li­ca­tion of a pro­pa­gan­da report about evil Rus­sians and how Microsoft is involved in the con­flict between coun­tries. It wouldn't be unusu­al for a US gov­ern­ment agency, NSA or CIA to pub­lish such a report. But when a glob­al IT ven­dor, which, in the­o­ry, should be more or less neu­tral, does this… This is a clear sig­nal. It's not about busi­ness any­more.

I'll take a clos­er look at this report in the next episode of the Vul­ner­a­bil­i­ty Man­age­ment news, but for now let's take a look at Microsoft July Patch Tues­day. Yes, the ven­dor is behav­ing strange­ly, but Microsoft prod­ucts need to be patched. Right? At least for now. And track­ing vul­ner­a­bil­i­ties is always a good thing. 🙂

01:32 CSRSS Ele­va­tion of Priv­i­lege (CVE-2022–22047)
04:36 RPC Remote Code Exe­cu­tion (CVE-2022–22038)
05:44 Microsoft Edge Mem­o­ry Cor­rup­tion (CVE-2022–2294)
06:55 32 vul­ner­a­bil­i­ties in Azure Site Recov­ery

Video: https://youtu.be/HjfxxcqWrH4
Video2 (for Rus­sia): https://vk.com/video-149273431_456239096
Blog­post: https://avleonov.com/2022/07/23/microsoft-patch-tuesday-july-2022-propaganda-report-csrss-eop-rpc-rce-edge-azure-site-recovery/
Full report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_july2022_report_with_comments_ext_img.html

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *