Microsoft has sent a security alert by mail as of 30 March 2022, with a warning about a the vulnerability CVE-2022-23278. This is a spoofing vulnerability in Microsoft Defender for Endpoint, which has already been closed in Android and iOS as of 8 March 2022. As of 30 March, Microsoft advises users to ensure devices have received the latest update.
Advertising
Here is Microsoft's announcement on the Defender spoofing vulnerability.
*****************************************************
Title: Microsoft Security Update Revisions
Issued: March 30, 2022
*****************************************************
Summary
=======
The following CVE has undergone a revision increment.
=====================================================
* CVE-2022-23278
Advertising
– CVE-2022-23278 | Microsoft Defender for Endpoint Spoofing Vulnerability
– Version: 3.0
– Reason for Revision: Added links to updates for Microsoft Defender for Endpoint
for iOS and Microsoft Defender for Endpoint for Android. Customers that are
running these products should ensure that they have received the updates.
– Originally posted: March 8, 2022
– Updated: March 28, 2022
– Aggregate CVE Severity Rating: Important
Advertising
