Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as ‘Critical’

on December 15, 2022

The Hacker News

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism. SPNEGO,

More From Author

Hacking news

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

April 2, 2026

The Hacker News

Hacking news

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

April 2, 2026

The Hacker News

Hacking news

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

April 2, 2026

The Hacker News

Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as ‘Critical’

More From Author

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

Operation Power Off: 50 DDoS-services taken offline in international crackdown

Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities