• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
microsoft reclassifies spnego extended negotiation security vulnerability as critical rce

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as Critical RCE

You are here: Home / General Cyber Security News / Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as Critical RCE
December 15, 2022

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to “Critical” just after it emerged that it could be exploited to obtain remote code execution.

Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was earlier explained as an information disclosure vulnerability in SPNEGO Prolonged Negotiation (NEGOEX) Security System.

SPNEGO, short for Easy and Guarded GSSAPI Negotiation System (SPNEGO), is a scheme that makes it possible for a shopper and distant server to get there at a consensus on the selection of the protocol to be utilised (e.g., Kerberos or NTLM) for authentication.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


CyberSecurity

But a additional investigation of the flaw by IBM Security X-Pressure researcher Valentina Palmiotti observed that it could enable remote execution of arbitrary code, prompting Microsoft to reclassify its severity.

“This vulnerability is a pre-authentication distant code execution vulnerability impacting a large assortment of protocols,” IBM explained this week. “It has the probable to be wormable.”

Specifically, the shortcoming could help remote code execution by way of any Windows application protocol that authenticates, such as HTTP, SMB, and RDP. Specified the criticality of the issue, IBM said it can be withholding specialized particulars until Q2 2023 to give companies enough time to utilize the fixes.

“Successful exploitation of this vulnerability requires an attacker to prepare the goal environment to boost exploit trustworthiness,” Microsoft cautioned in its current advisory.

“In contrast to the vulnerability (CVE-2017-0144) exploited by EternalBlue and used in the WannaCry ransomware attacks, which only influenced the SMB protocol, this vulnerability has a broader scope and could perhaps have an effect on a broader selection of Windows devices owing to a much larger attack surface of companies exposed to the general public internet (HTTP, RDP, SMB) or on inside networks,” IBM mentioned.

Found this write-up attention-grabbing? Stick to us on Twitter  and LinkedIn to read through much more distinctive content material we write-up.


Some elements of this article are sourced from:
thehackernews.com

Previous Post: «us begins seizure of 48 ddos for hire services following global investigation US begins seizure of 48 DDoS-for-hire services following global investigation
Next Post: Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities researchers uncover mirrorface cyber attacks targeting japanese political entities»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
  • OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
  • Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
  • Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
  • Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
  • Beyond Vulnerability Management – Can You CVE What I CVE?
  • Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
  • Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
  • 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
  • SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Copyright © TheCyberSecurity.News, All Rights Reserved.