About the Event
Microsoft has recently revised the severity of a vulnerability in the SPNEGO Extended Negotiation (NEGOEX) security mechanism to Critical, up from the High rating it carried in the September 2022 patch release. The vulnerability is tracked as CVE-2022-37958.
Actions to Consider
Microsoft has a patch available that fixes the vulnerability. Microsoft, the researcher and Cybersecurity recommend installing the Microsoft patch as soon as possible.
Event Impact
Security researchers recently found, and notified Microsoft, that the vulnerability allows pre-authentication remote code execution. This differs from the previous understanding that an attacker would first need to prepare the target environment. Attackers can use the vulnerability against any Windows application that authenticates by default, which includes the Windows protocols HTTP, SMB and Remote Desktop. It has the potential to be wormable and can be exploited to achieve remote code execution.
References
https://securityaffairs.co/wordpress/139709/hacking/microsoft-revised-cve-2022-37958-rate.html
https://www.cve.org/CVERecord?id=CVE-2022-37958
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-37958 (includes the links to the KB patches)