"Microsoft resolved 117 new CVEs this month, three of which are rated critical by Microsoft. This month's line-up has two zero-day exploits that have also been publicly disclosed putting them at risk of more widespread exploitation."
"While the notes say remote code execution this vulnerability requires user interaction and some degree of social engineering. To exploit this vulnerability an attacker must craft a malicious .msc file that, if opened, will run arbitrary code or commands that allow a threat actor to compromise the host."
Collection
[
|
...
]