Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days

BrikoX@lemmy.zip · 3 days ago

Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days

untakenusername@sh.itjust.works · 1 day ago

mb guys

𝕸𝖔𝖘𝖘@infosec.pub · 2 days ago

What’s the CVE score?

Sorry. Bad joke on our pain…

mutual_ayed@sh.itjust.works · 2 days ago

CISA picked up funding for the CVE database

https://cybernews.com/security/cve-database-funding-extended-cisa-mitre-corp/

𝕸𝖔𝖘𝖘@infosec.pub · edit-2 1 day ago

This made my day!

Edit: also, this is from 17-APR, and it’s the first I’m seeing this. I wish I could say I’ve been under a rock, but I was literally looking for, and reading, multiple articles on this near daily, and missed this…

x00z@lemmy.world · 2 days ago

Patch Tuesday is far worse. 8 days is well within the 30 day window they use for releasing exploit fixes. So it isn’t even weird. This stuff happens all the time if you don’t push security fixes as soon as possible. They prefer to have a nice little monthly day to make the life of companies easier, but it’s highly unsafe.

lath@lemmy.world · 3 days ago

This would be fate of all government mandated backdoors.

taladar@sh.itjust.works · 3 days ago

Only for those it would happen in 8s.

mutual_ayed@sh.itjust.works · 2 days ago

*pedantic hat

If it’s a backdoor it’s by nature already exploited

Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days

Microsoft rated this bug as low exploitability. Miscreants weaponized it in just 8 days

Eight days from patch to exploitation for Microsoft flaw