Context over chaos. Disconnected technologies, siloed data, and reactive processes can only get you so far. Protecting businesses in today’s threat landscape demands more than a set of security tools – it requires context.
That's where Avertium comes in
Security. It’s in our DNA. It’s elemental, foundational. Something that an always-on, everything’s-IoT-connected world depends on.
Helping mid-to-enterprise organizations protect assets and manage risk is our only business. Our mission is to make our customers’ world a safer place so that they may thrive in an always-on, connected world.
Best-in-class technology from our partners... backed by service excellence from Avertium.
Interested in becoming a partner?
With Avertium's deal registration, partners can efficiently and confidently connect with Avertium on opportunities to protect your deals.
Microsoft Copilot for Security analyzes and synthesizes high volumes of security data which can help healthcare cybersecurity teams do more with less.
Dive into our resource hub and explore top
cybersecurity topics along with what we do
and what we can do for you.
Microsoft patched a zero-day vulnerability this week that is now being tracked as CVE-2022-37969. The bug is an elevation of privilege vulnerability in the Windows Common Log File System Driver with a severity rating of 7.8. Microsoft confirmed that there is an exploit code available in the wild.
Windows Common Log File System Driver is the subsystem used for data and event logging. CVE-2022-37969 could allow for an attacker to gain system privileges and take over a machine. To exploit the vulnerability, an attacker would need to have access to their target’s system and the ability to run code on the system. An attacker could use malware that exploits a different vulnerability or use a basic social engineering phishing attack to gain system privileges.
CVE-2022-37969 is not a complex vulnerability, and it requires no other user interaction – meaning it is only a matter of time before it is exploited. Users running Windows 11 and older, as well as Windows Server 2008 and 2012, are affected. Despite Windows 7 being an end of life, the version will be patched as well. The Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to their list of exploited bugs and advised that users patch CVE-2022-37969 as soon as possible.
INDICATOR'S OF COMPROMISE (IOCS):
At this time, there are no known IoCs associated with CVE-2022-37969. Avertium’s threat hunters remain vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.
Microsoft Confirms New Windows Zero-Day CVE-2022-379699: Patch Tuesday (forbes.com)
🔃 Security Update Guide - Loading - Microsoft
Microsoft patches a new zero-day affecting all versions of Windows | TechCrunch
Related Reading: Apple Fixes 8th Zero-Day Vulnerability
Contact us for more information about Avertium’s managed security service capabilities.