Vulnerability Awareness – Please Review – Previously Patched Microsoft Windows Vulnerability Discovered to have EternalBlue-like Capabilities

CVE-2022-37958 is a remote code execution (RCE) vulnerability in the SPNEGO NEGOEX protocol of Windows operating systems, which supports authentication in applications. Exploitation of this vulnerability could allow attackers to execute malicious code with no authentication required. While Microsoft supplied a patch in September 2022, upon further research, the security rating has been elevated as the vulnerability was discovered to have EternalBlue-like RCE capabilities and the potential to be wormable.