November 2022 Patch Tuesday | Microsoft Releases 65 New Vulnerabilities with 10 Critical; Adobe Releases Zero Advisories (for the first time in six years).

Debra M. Fezza Reed

Last updated on: November 26, 2022

Microsoft Patch Tuesday Summary

Microsoft has fixed 65 new vulnerabilities (aka flaws) in the November 2022 update, including ten (10) vulnerabilities classified as Critical as they allow Denial of Service (DoS), Elevation of Privilege (EoP), and Remote Code Execution (RCE). This month’s Patch Tuesday included a Microsoft Defense in Depth Update (ADV220003) and addressed six (6) known exploited zero-day vulnerabilities. Earlier this month, on November 2, 2022, Microsoft also released two (2) advisories for OpenSSL 3.x for Azure SDK for C++, C++ Library Manager for Windows (vcpkg), and Microsoft Azure Kubernetes Service (CVE-2022-3602, CVE-2022-3786).

Microsoft has fixed several flaws in its software, including Denial of Service (DoS), Elevation of Privilege (EoP), Information Disclosure, Remote Code Execution(RCE), Security Feature Bypass, and Spoofing.

The November 2022 Microsoft Vulnerabilities are Classified as Follows:

In total, Microsoft addressed 68 vulnerabilities:
65 New CVEs on November 8th, two (2) CVEs on November 2nd,
and one (1) ADV220003.

OpenSSL 3.x Critical Vulnerability Highlights

OpenSSL Vulnerability RecapTravis Smith VP, Malware Threat Research, Qualys

CVE-2022-3602, CVE-2022-3786 | OpenSSL: X.509 Certificate Verification Buffer Overrun

The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by the Microsoft products listed in the Security Updates table and is known to be affected. It is being documented in the Security Update Guide to announce that the latest builds of these products are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.



Microsoft Addressed Six (6) Zero-Day Vulnerabilities

A vulnerability is classified as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

Microsoft Exchange ProxyNotShell Zero-Day Fixed (CVE-2022-41040, CVE-2022-41082)

IMPORTANT: Qualys has updated QID 50122 – Microsoft Exchange Server Multiple Vulnerabilities (ProxyNotShell).


A rescan will be required to update existing detections with the updated Title, Threat, Solution, CVSSv2 Temporal Score, CVSSv3.1 Temporal Score, and multiple RTI updates including, but not limited to the addition of Exploit_Public, Unauthenticated_Exploitation, and Privilege_Escalation.


While CVE-2022-41040 and CVE-2022-41082 are not considered “new” advisories, per se, Microsoft has chosen to include them in their November 2022 Patch Tuesday release. The ProxyNotShell (CVE-2022-41040, CVE-2022-41082) advisories have been updated by Microsoft indicating that patches are now available along with this month’s Security Updates.  

Exploitability Assessment: Exploitation Detected


CVE-2022-41128 | Windows Scripting Languages Remote Code Execution (RCE) Vulnerability

This vulnerability has a CVSSv3.1 score of 8.8 / 10.

This vulnerability affects the JScript9 scripting language, which is part of the component Scripting Language. Successful exploitation requires user interaction by the victim. The attack may be initiated remotely.

This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.

  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.
  • Extended Security Updates (ESU) Vulnerability

Exploitability Assessment: Exploitation Detected


CVE-2022-41073 | Windows Print Spooler Elevation of Privilege (EoP) Vulnerability

This vulnerability has a CVSSv3.1 score of 7.8 / 10.

The following content was corrected on 2022-11-26: Microsoft has not disclosed the technical details of this vulnerability in their advisory, stating only that an attacker who successfully exploited this Elevation of Privilege vulnerability could gain SYSTEM privileges. The advisory provides download links to address the flaw in 60 products.

  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.
  • Extended Security Updates (ESU) Vulnerability

Exploitability Assessment: Exploitation Detected


CVE-2022-41125 | Windows CNG Key Isolation Service Elevation of Privilege (EoP) Vulnerability

This vulnerability has a CVSSv3.1 score of 7.8 / 10.

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

  • Windows Next-generation Cryptography (CNG)
  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.

Exploitability Assessment: Exploitation Detected


CVE-2022-41091 | Windows Mark of the Web Security Feature Bypass Vulnerability

This vulnerability has a CVSSv3.1 score of 5.4 / 10.

The following content was corrected on 2022-11-26: An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.

  • In a web-based attack scenario, an attacker could host a malicious website that is designed to exploit the security feature bypass.
  • In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted .url file that is designed to exploit the bypass.
  • Compromised websites or websites that accept or host user-provided content could contain specially crafted content to exploit the security feature bypass.

In all cases, an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could entice a user to either click a link that directs the user to the attacker’s site or send a malicious attachment.

Please see Additional information about Mark of the Web for further clarification.

  • Potential Impact LOW for Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.

Exploitability Assessment: Exploitation Detected


Microsoft Patch Tuesday Critical Vulnerability Highlights

CVE-2022-41080 | Microsoft Exchange Server Elevation of Privilege (EoP) Vulnerability

This vulnerability has a CVSSv3.1 score of 8.8 / 10.

The technical details are unknown, and an exploit is not publicly available. Applying a patch can eliminate this problem. Customers are advised to update their Exchange Server systems immediately, regardless of whether any previously recommended mitigation steps have been applied. The mitigation rules are no longer recommended once systems have been patched.

  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.

Exploitability Assessment: Exploitation More Likely


CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege (EoP) Vulnerability

This vulnerability has a CVSSv3.1 score of 8.1 / 10.

Microsoft Released: Nov 8, 2022; Microsoft Last updated: Nov 17, 2022

Qualys blog updated Nov 26, 2022:

There is a known issue documented in the security updates that address this vulnerability, where Kerberos authentication might fail for user, computer, service, and GMSA accounts when serviced by Windows domain controllers that have installed Windows security updates released on November 8, 2022. Has an update been released that addresses this known issue?

Yes. The issue is addressed by out-of-band updates released to Microsoft Update Catalog on and after November 17, 2022. Customers who have not already installed the security updates released on November 8, 2022, should install the out-of-band updates instead. Customers who have already installed the November 8, 2022, Windows security updates and who are experiencing issues should install the out-of-band updates.

For more information about these updates, please see the OS version-specific info on Windows release health at the following links:

For more information please see the Known Issues section of How to manage the Kerberos Protocol changes related to CVE-2022-37966.

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. An attacker who successfully exploited this vulnerability could gain administrator privileges. An unauthenticated attacker could conduct an attack that could leverage cryptographic protocol vulnerabilities in RFC 4757 (Kerberos encryption type RC4-HMAC-MD5) and MS-PAC (Privilege Attribute Certificate Data Structure specification) to bypass security features in a Windows AD environment.

Exploitability Assessment: Exploitation More Likely


CVE-2022-41044 | Windows Point-to-Point Tunneling Protocol Remote Code Execution (RCE) Vulnerability

This vulnerability has a CVSSv3.1 score of 8.1 / 10.

Successful exploitation of this vulnerability requires an attacker to win a race condition. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine.

  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.
  • Extended Security Updates (ESU) Vulnerability

Exploitability Assessment: Exploitation Less Likely


CVE-2022-41088 | Windows Point-to-Point Tunneling Protocol Remote Code Execution (RCE) Vulnerability

This vulnerability has a CVSSv3.1 score of 8.1 / 10.

Successful exploitation of this vulnerability requires an attacker to win a race condition. This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.

  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.
  • Extended Security Updates (ESU) Vulnerability

Exploitability Assessment: Exploitation Less Likely


CVE-2022-41118 | Windows Scripting Languages Remote Code Execution (RCE) Vulnerability

This vulnerability has a CVSSv3.1 score of 7.5 / 10.

This vulnerability impacts both the JScript9 and Chakra scripting languages, which are both parts of the component Scripting Language. Successful exploitation requires user interaction by the victim. The attack may be initiated remotely.

This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.

  • Potential Impact HIGH for Confidentiality, Integrity, and Availability.
  • A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.
  • Extended Security Updates (ESU) Vulnerability

Exploitability Assessment: Exploitation More Likely


Microsoft Release Summary

This month’s Release Notes cover multiple Microsoft product families, including Azure, Developer Tools, Extended Security Updates (ESU), Microsoft Dynamics, Microsoft Office, Open Source Software, and Windows.

A total of 39 unique Microsoft products, features, and roles, including but not limited to Azure CLI, Microsoft Exchange Server Cumulative Update, Windows Endpoint, Windows Server, and Windows Server 2022 Datacenter: Azure Edition (Hotpatch) were included in this release.

Downloads include Cumulative Updates, IE Cumulative, Monthly Rollups, Security Hotpatch Updates, Security Only, and Security Updates.


Adobe Security Bulletins and Advisories

For November 2022, Adobe released no patches at all. They’ve released as few as one in the past, but this is the first month in the last six years where they had no fixes at all. Source


About Qualys Patch Tuesday

Qualys Patch Tuesday QIDs are published as Security Alerts typically late in the evening on the day of Patch Tuesday, followed later by the publication of the monthly queries for the Unified Dashboard: 2022 Patch Tuesday (QID Based) Dashboard by 1 pm PT on Wednesday.


Qualys Microsoft Security Alert, November 8, 2022

QID TITLE
48223 Microsoft Exchange Server Uniform Resource Locator (URL) Rewrite Mitigation Applied for ProxyNotShell
50122 Microsoft Exchange Server Multiple Vulnerabilities (ProxyNotShell)
50123 Microsoft Exchange Server Multiple Vulnerabilities for November 2022
91954 Microsoft .NET Framework Information Disclosure Vulnerability for November 2022
91956 Microsoft Windows Security Update for November 2022
91957 Microsoft Windows Server Elevation of Privilege Vulnerability for November 2022
91958 Microsoft Dynamics Business Central Information Disclosure Vulnerability for November 2022
91959 Microsoft Azure Stack Hub Security Updates for November 2022
91960 Microsoft Visual Studio Security Updates for November 2022
110419 Microsoft Office Security Update for November 2022
110420 Microsoft SharePoint Server and Foundation Update for November 2022

Qualys Threat Research Blog Posts

Published in the Last 30 days; Most Recent First


Qualys Threat Protection High-Rated Advisories

Published between October 13, - November 9, 2022, Most Recent First

Qualys Threat Protection

Free Trial

Get started with 30-day Free Trial


Discover and Prioritize Vulnerabilities in Vulnerability Management Detection Response (VMDR)

Qualys VMDR automatically detects new Patch Tuesday vulnerabilities using continuous updates to its KnowledgeBase (KB). 

You can see all your impacted hosts by these vulnerabilities using the following QQL query:

Query: vulnerabilities.vulnerability:( qid:`48223` OR qid:`50122` OR qid:`50123` OR qid:`91954` OR qid:`91956` OR qid:`91957` OR qid:`91958` OR qid:`91959` OR qid:`91960` OR qid:`110419` OR qid:`110420` )

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk

Qualys VMDR Recognized as Best VM Solution by SC Awards 2022 & Leader by GigaOm

A Deep Dive into VMDR 2.0 with Qualys TruRisk™

Qualys VMDR

Free Trial

Get started with 30-day Free Trial


Rapid Response with Patch Management (PM)

VMDR rapidly remediates Windows hosts by deploying the most relevant and applicable per-technology version patches. You can simply select respective QIDs in the Patch Catalog and filter on the “Missing” patches to identify and deploy the applicable, available patches with one click.

The following QQL will return the missing patches for this Patch Tuesday:

QUERY: ( qid:`48223` OR qid:`50122` OR qid:`50123` OR qid:`91954` OR qid:`91956` OR qid:`91957` OR qid:`91958` OR qid:`91959` OR qid:`91960` OR qid:`110419` OR qid:`110420` )

Get Your Patch Tuesday Vulnerabilities Patched on Tuesday New

Why Organizations Struggle with Patch Management (and What to Do about It)

Let Smart Automation Reduce the Risk of Zero-Day Attacks on Third-Party Applications

Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0

Qualys Patch Management

Free Trial

Get started with 30-day Free Trial


Extend the Power of VMDR to Enterprise Mobile Devices with Qualys VMDR Mobile New

Qualys VMDR for enterprise mobile devices provides comprehensive visibility and continuously assesses device, OS, apps, and network vulnerabilities including critical device configurations of mobile devices across your enterprise.

As mobile devices have become ubiquitous in almost every business process, whether in bank branches, manufacturing sites, or retail stores, they are now hosting business applications and data that is subject to regulatory compliance and security. With access to critical corporate resources inside the corporate network, these mobile devices have become critical assets for organizations, and organizations are facing a new set of security challenges and risks.

QID Title
610439 Google Android October 2022 Security Patch Missing for Huawei EMUI
610440 Apple iOS 15.7.1 and iPadOS 15.7.1 Security Update Missing
610438 Google Android October 2022 Security Patch Missing for Samsung
610436 Google Pixel Android October 2022 Security Patch Missing
610437 Google Android Devices October 2022 Security Patch Missing
610441 Apple iOS 16.1 and iPadOS 16 Security Update Missing

Qualys' Vulnerability Management, Detection, and Response (VMDR) solution extends its power to mobile devices. It provides an in-depth inventory of mobile devices, real-time visibility into vulnerabilities and critical device settings, and built-in remediation with patch orchestration for all Android and iOS/iPadOS devices across the enterprise. An end-to-end solution for mobile device security.

You can visualize all your impacted mobile devices with vulnerabilities using the following QQL query:

Query: vulnerabilities.vulnerability:( qid:`610439` OR qid:`610440` OR qid:`610438` OR qid:`610436` OR qid:`610437` OR qid:`610441` ) 

VMDR Mobile Blogs | Qualys, Inc.

Qualys VMDR Mobile User Guide Version 1.5.0 (June 20, 2022) | Qualys, Inc > Documentation

VMDR Mobile is an out-of-the-box solution that’s centrally managed and self-updating.


EXECUTE Mitigation Using Custom Assessment and Remediation (CAR)

Qualys Custom Assessment and Remediation empowers a system administrator to quickly and easily perform configuration updates on your technology infrastructure when the current situation requires the implementation of a vendor-suggested mitigation or workaround.

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability.

workaround is a method, sometimes used temporarily, for achieving a task or goal when the usual or planned method isn’t working. Information technology often uses a workaround to overcome hardware, programming, or communication problems. Once a problem is fixed, a workaround is usually abandoned. Source

Customers can perform the provided mitigation steps by creating a PowerShell script and executing the script on vulnerable assets.

IMPORTANT: Scripts tend to change over time. Please refer to the Qualys GitHub Tuesday Patch link to ensure the most current version of a given Patch Tuesday script is in use.


CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability

This vulnerability has a CVSSv3.1 score of 7.2 / 10.

Exploitability Assessment: Exploitation More Likely

Take Action > KB5020805: How to manage Kerberos protocol changes related to CVE-2022-37967

To help protect your environment and prevent outages, we recommend that you take the following steps: 

  1. UPDATE your Windows domain controllers with a Windows update released on or after November 8, 2022.
  2. MOVE your Windows domain controllers to Audit mode by using the Registry Key setting section.
  3. MONITOR events filed during Audit mode to secure your environment.
  4. ENABLE Enforcement mode to address CVE-2022-37967 in your environment.

NOTE: Step 1 of installing updates released on or after November 8, 2022, will not address the security issues in CVE-2022-37967 for Windows devices by default. To fully mitigate the security issue for all devices, you must move to Audit mode (described in Step 2) followed by Enforcement Mode (described in Step 4) as soon as possible on all Windows domain controllers. 

Leverage Custom Assessment and Remediation for CVE-2022-37967 Kerberos EOP Vuln to Execute Step #2: Enable Audit Mode:

if (Test-Path -path registry::HKEY_LOCAL_MACHINE\System\currentcontrolset\services\kdc -ErrorAction Ignore){
reg add "HKEY_LOCAL_MACHINE\System\currentcontrolset\services\kdc" /v KrbtgtFullPacSignature /t REG_DWORD /d '2' /f | Out-Null
Write-Output "Audit mode has been enabled for CVE-2022-37967 mitigation. Value '2' has been configured for KrbtgtFullPacSignature"
}
else {
Write-Output " 'HKEY_LOCAL_MACHINE\System\currentcontrolset\services\kdc' key not found"
}

Leverage Custom Assessment and Remediation for CVE-2022-37967 Kerberos EOP Vuln to Execute Step #4: Enable Enforcement Mode:

if (Test-Path -path registry::HKEY_LOCAL_MACHINE\System\currentcontrolset\services\kdc -ErrorAction Ignore){
reg add "HKEY_LOCAL_MACHINE\System\currentcontrolset\services\kdc" /v KrbtgtFullPacSignature /t REG_DWORD /d '3' /f | Out-Null
Write-Output "Enforcement mode has been enabled for CVE-2022-37967 mitigation. Value '3' has been configured for KrbtgtFullPacSignature"
}
else {
Write-Output "'HKEY_LOCAL_MACHINE\System\currentcontrolset\services\kdc' key not found"
}

CVE-2022-38023 | Netlogon RPC Elevation of Privilege Vulnerability

This vulnerability has a CVSSv3.1 score of 8.1 / 10.

Exploitability Assessment: Exploitation More Likely

Note: This update protects Windows devices from CVE-2022-38023 by default.  For third-party clients and third-party domain controllers, the update is in Compatibility mode by default and allows vulnerable connections from such clients. Refer to the Registry Key settings section for steps to move to Enforcement mode.

Leverage Custom Assessment and Remediation for CVE-2022-38023 - Netlogon RPC EOP Vuln to Enable Enforcement Mode:

if (Test-Path -path registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters -ErrorAction Ignore){
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters" /v RequireSeal /t REG_DWORD /d '2' /f | Out-Null
Write-Output "Enforcement mode has been enabled for CVE-2022-38023 mitigation for third-party clients and third-party domain controllers. Value '2' has been configured for RequireSeal"
}
else {
Write-Output "'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' key not found"
}
Qualys Custom Assessment and Remediation

Free Trial

Get started with 30-day Free Trial


EVALUATE Vendor-Suggested Mitigation with Policy Compliance (PC)

Qualys Policy Compliance Control Library makes it easy to evaluate your technology infrastructure when the current situation requires implementation validation of a vendor-suggested mitigation or workaround.

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability.

workaround is a method, sometimes used temporarily, for achieving a task or goal when the usual or planned method isn’t working. Information technology often uses a workaround to overcome hardware, programming, or communication problems. Once a problem is fixed, a workaround is usually abandoned. Source

The following Qualys Policy Compliance Control IDs (CIDs), and System Defined Controls (SDC) have been updated to support Microsoft recommended mitigation(s) for this Patch Tuesday:

CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability

This vulnerability has a CVSSv3.1 score of 7.2 / 10.

Policy Compliance Control IDs (CIDs):

  • 25167 Status of the 'KrbtgtFullPacSignature' setting for the Kerberos

As per KB5020805, this mitigation should be applied after the patch 

NOTE: To help protect your environment and prevent outages, we have outlined the Qualys recommended remediation steps above and provided Qualys Custom Assessment and Remediation (CAR) supporting scripts.

Exploitability Assessment: Exploitation More Likely


CVE-2022-38023 | Netlogon RPC Elevation of Privilege Vulnerability

This vulnerability has a CVSSv3.1 score of 8.1 / 10.

Policy Compliance Control IDs (CIDs):

  • 25168 Status of the 'RequireSeal' setting for the Netlogon Remote Protocol

As per KB5021130, this mitigation should be applied after the patch 

NOTE: To help protect your environment and prevent outages, we have outlined the Qualys recommended remediation steps above and provided Qualys Custom Assessment and Remediation (CAR) supporting scripts.

Exploitability Assessment: Exploitation More Likely

Qualys Policy Compliance

Free Trial

Get started with 30-day Free Trial


Patch Tuesday is Complete.


This Month in Vulnerabilities and Patches Webinar Series 

The Qualys Product Management and Threat Research team members host a monthly webinar series to help our existing customers leverage the seamless integration between Qualys Vulnerability Management Detection Response (VMDR) and Qualys Patch Management. Combining these two solutions can reduce the median time to remediate critical vulnerabilities. 

During the webcast, this month’s Patch Tuesday high-impact vulnerabilities will be discussed. We will walk you through the necessary steps to address the key vulnerabilities using Qualys VMDR and Qualys Patch Management.


UPCOMING EVENTS


The content within this section will spotlight upcoming Vulnerability Management, Patch Management, Threat Protection, Custom Assessment and Remediation, and Policy Compliance adjacent events available to our prospective, new, and existing customers.

WEBINARS

Qualys Workshop Wednesday

For our December 7th session, we will cover security compliance with Qualys Cloud. 

At Qualys Inc, providing cybersecurity through technology is what we do. Join us each month as we tap into the minds of Qualys experts to share how you can get the most out of your investment and understand ways in which you can quickly reduce your cyber risk exposure using the Qualys Cloud Platform. Each 45-minute monthly session, hosted on the first Wednesday of the month, will showcase practical hands-on tips and tricks, news on new capabilities and services, as well as useful customer success stories that can help you get the most out of the Qualys Cloud Platform.  


Qualys Threat Thursdays

November 2022 Threat Thursday Topic is Empire, an Open-Source cross-platform post-exploitation framework that has been in active development since 2015.

The Qualys Threat Research team invites you to join their regular monthly webinar series covering the latest threat intelligence analysis and insight.

Never miss an update. Subscribe Today!

Click Here to quickly navigate to Qualys Threat Thursday blog posts.


CONFERENCES



This month’s blog content is the result of collaboration with and contributions from:

In order of appearance

  • Quote: Travis Smith VP, Malware Threat Research, Qualys
  • QID Content: Arun Kethipelly, Manager, Signature Engineering
  • QID Content: Dianfang (Sabrina) Gao, Lead, QA Engineer
  • VMDR Mobile Content: Swapnil Ahirrao, Principal Product Manager, VMDR
  • VMDR Mobile Content: Swapnil Bhoskar, Lead, Security Signature Engineer
  • CAR Content: Mukesh Choudhary, Compliance Research Analyst
  • CAR Content: Lavish Jhamb, Solution Architect, Compliance Solutions
  • PC Content: Xiaoran (Alex) Dong, Manager, Compliance Signature Engineering