Critical Windows patch - Scam alerts - Forums - Citywire Funds Insider Forum

Welcome to the Citywire Funds Insider Forums, where members share investment ideas and discuss everything to do with their money.

You'll need to log in or set up an account to start new discussions or reply to existing ones. See you inside!

Notification

Error

Critical Windows patch

+ Reply to discussion

Options

MarkSp		Posted: 13 April 2023 06:07:51(UTC) #1
Joined: 02/02/2020(UTC) Posts: 2,190 Thanks: 285 times Was thanked: 5830 time(s) in 1729 post(s)		People CVE-2023-21554 / CVE-2023-21769 / CVE-2023-28302 are vulnerabilities in the Microsoft Message Queue (MSMQ) service. The most severe, CVE-2023-21554 is a low complexity unauthenticated remote code execution (RCE) vulnerability affecting all versions of Windows. It is CVSS-scored 9.8 out of 10 Critical and assessed by Microsoft as “Exploitation More Likely”. MSMQ is an optional service not installed by default, but it can be enabled by users or by installation of applications that depend on it. The service status can also be retrieved in PowerShell: Get-WindowsOptionalFeature -Online -Featurename MSMQ* Where Windows endpoints cannot be patched or patches are no longer supported, the MSMQ service should be disabled or removed. Look up how to remove Windows features - this one is significant and is being exploited
Back to top		Quote
		3 users thanked MarkSp for this post. Optimist on 13/04/2023(UTC), Tim D on 13/04/2023(UTC), Sara G on 16/04/2023(UTC)
User Profile View All Posts by User View Thanks

+ Reply to discussion

Markets

Other markets

Market Data Notice

More market charts