Statement on Windows Print Spooler vulnerability (CVE-2022-22022)

Avatar

Version Française

Also applies to
CVE-2022-22041
CVE-2022-30206
CVE-2022-30226

Background
Very little information has been published about these vulnerabilities but what we do know is that by exploiting any of them, an attacker would be able to delete targeted files on a system. They would not gain privileges to view or modify file contents.

While these vulnerabilities are not targeting Objectif Lune applications, we wanted to make sure the Windows patches that are being issued to fix them do not have a negative impact on any of our modules, more specifically the OL Connect Workflow module.

Impact
Our QA department ran a series of tests on patched systems and could not identify any adverse effect of the patches on our applications.

It is therefore recommended that you apply the security patches provided by Microsoft to prevent attackers from exploiting those vulnerabilities.

Tagged in: CVE-2022-22965, Spring MVC, Spring WebFlux, Vulnerability



Leave a Reply

Your email address will not be published. Required fields are marked *