Security Alert (A22-09-14): Vulnerability in Microsoft Endpoint Configuration Manager


 

Published on: 22 September 2022

  
  

Description:

Microsoft has released an out-of-band security update to address the vulnerability in Microsoft Endpoint Configuration Manager. The details of security update can be found at:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37972

 

Affected Systems:

  • Microsoft Endpoint Configuration Manager, versions 2103 to 2207

 

Impact:

A successful attack could lead to spoofing on an affected system.

 

Recommendation:

Patches for affected products are available in the Updates and Servicing node of the Configuration Manager console. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37972
  • https://www.cisa.gov/uscert/ncas/current-activity/2022/09/21/microsoft-releases-out-band-security-update-microsoft-endpoint
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37972


Tag: Microsoft , Microsoft Endpoint Configuration Manager
Tags