NVD disclosure day

Published threat advisories for October 11, 2022

CVE advisoryKnown Exploit

CVE-2022-41033

Windows COM+ Event System Privilege Escalation Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in the Windows COM+ Event System Service allows local attackers to escalate privileges. This could lead to unauthorized access to sensitive data and system compromise, affecting Windows operating systems. Organizations should apply vendor updates to mitigate this risk.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2022-38028

Windows Print Spooler Elevation of Privilege Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A vulnerability in the Windows Print Spooler service allows an attacker to elevate privileges on an affected system. This could lead to unauthorized access and control, impacting business operations and data. Organizations should apply vendor-provided mitigations to address this risk.

NVD published: • CISA KEV