CISA Raises Alarm on Exploited Microsoft SCCM Vulnerability
Microsoft Configuration Manager Vulnerability Exploited by Cyber Attackers
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive for U.S. government agencies to protect their systems against a critical vulnerability in Microsoft Configuration Manager. This vulnerability, known as CVE-2024-43468, was patched by Microsoft in October 2024 but is now being actively exploited in attacks.
Microsoft Configuration Manager, also referred to as ConfigMgr or SCCM, is an essential IT administration tool used for managing large groups of Windows servers and workstations.
The vulnerability, initially reported by Synacktiv, is a SQL injection flaw that allows remote attackers to execute arbitrary commands with the highest level of privileges on the server and database of the Microsoft Configuration Manager site.
Microsoft described the exploitation method as sending specially crafted requests to the target environment, enabling attackers to execute commands on the server and database. Although Microsoft initially assessed the likelihood of exploitation as low, Synacktiv shared proof-of-concept code in November 2024.
Although Microsoft has not updated its advisory, CISA has identified the vulnerability as actively exploited and has ordered Federal Civilian Executive Branch agencies to patch their systems by March 5th under Binding Operational Directive 22-01.
The cybersecurity agency emphasized the importance of mitigating such vulnerabilities promptly, as they are common targets for cybercriminals and pose significant risks to the federal enterprise. CISA urged all network defenders, including those in the private sector, to secure their systems against CVE-2024-43468 attacks.

