Microsoft Threat Intelligence has identified a custom tool used by Forest Blizzard (STRONTIUM) refered to as GooseEgg, which is used to elevate privileges and peform credential theft on compromised networks.
CVE | Severity | CVSS | Product(s) Affected | Summary | Dated |
---|---|---|---|---|---|
CVE-2022-38028 | High | 7.8 | Multiple Microsoft Windows Products listed here | Successful exploitation of this vulnerability could lead to gaining SYSTEM privileges. | 20th December, 2023 |
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month... (refer Patch Management):