{"id":734,"date":"2025-02-12T13:36:02","date_gmt":"2025-02-12T13:36:02","guid":{"rendered":"https:\/\/oerlabs.com.br\/blog\/?p=734"},"modified":"2025-02-12T13:59:27","modified_gmt":"2025-02-12T13:59:27","slug":"patch-tuesday-da-microsoft-corrige-63-falhas-incluindo-duas-sob-exploracao-ativa","status":"publish","type":"post","link":"https:\/\/oerlabs.com.br\/blog\/2025\/02\/12\/patch-tuesday-da-microsoft-corrige-63-falhas-incluindo-duas-sob-exploracao-ativa\/","title":{"rendered":"Patch Tuesday da Microsoft corrige 63 falhas, incluindo duas sob explora\u00e7\u00e3o ativa"},"content":{"rendered":"\n<p class=\"\">Na ter\u00e7a-feira, a Microsoft lan\u00e7ou corre\u00e7\u00f5es para&nbsp;<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2025-Feb\" rel=\"noreferrer noopener\" target=\"_blank\">63 falhas de seguran\u00e7a<\/a>&nbsp;que afetam seus produtos de software, incluindo duas vulnerabilidades que, segundo a empresa, est\u00e3o sendo exploradas ativamente.<\/p>\n\n\n\n<p class=\"\">Das 63 vulnerabilidades, tr\u00eas s\u00e3o classificadas como Cr\u00edticas, 57 s\u00e3o classificadas como Importantes, uma \u00e9 classificada como Moderada e duas s\u00e3o classificadas como Baixa em gravidade. Isso sem contar as&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/deployedge\/microsoft-edge-relnotes-security\" rel=\"noreferrer noopener\" target=\"_blank\">23 falhas<\/a>&nbsp;que a Microsoft corrigiu em seu navegador Edge baseado em Chromium desde o lan\u00e7amento da&nbsp;<a href=\"https:\/\/thehackernews.com\/2025\/01\/3-actively-exploited-zero-day-flaws.html\" rel=\"noreferrer noopener\" target=\"_blank\">atualiza\u00e7\u00e3o Patch Tuesday<\/a>&nbsp;do m\u00eas passado .<\/p>\n\n\n\n<p class=\"\">A atualiza\u00e7\u00e3o \u00e9 not\u00e1vel por corrigir duas falhas exploradas ativamente &#8211;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"\"><strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21391\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2025-21391<\/a><\/strong>&nbsp;(pontua\u00e7\u00e3o CVSS: 7,1) &#8211; Vulnerabilidade de eleva\u00e7\u00e3o de privil\u00e9gio do Windows Storage<\/li>\n\n\n\n<li class=\"\"><strong><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21418\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2025-21418<\/a><\/strong>&nbsp;(pontua\u00e7\u00e3o CVSS: 7,8) &#8211; Driver de fun\u00e7\u00e3o auxiliar do Windows para vulnerabilidade de eleva\u00e7\u00e3o de privil\u00e9gio do WinSock<\/li>\n<\/ul>\n\n\n\n<p class=\"\">&#8220;Um invasor s\u00f3 seria capaz de excluir arquivos alvo em um sistema&#8221;, disse a Microsoft em um alerta para CVE-2025-21391. &#8220;Esta vulnerabilidade n\u00e3o permite a divulga\u00e7\u00e3o de nenhuma informa\u00e7\u00e3o confidencial, mas pode permitir que um invasor exclua dados que podem incluir dados que resultem na indisponibilidade do servi\u00e7o.&#8221;<\/p>\n\n\n\n<p class=\"\">Mike Walters, presidente e cofundador da Action1,&nbsp;<a href=\"https:\/\/www.action1.com\/patch-tuesday\/patch-tuesday-february-2025\/\" rel=\"noreferrer noopener\" target=\"_blank\">observou<\/a>&nbsp;que a vulnerabilidade pode ser encadeada com outras falhas para aumentar privil\u00e9gios e executar a\u00e7\u00f5es subsequentes que podem complicar os esfor\u00e7os de recupera\u00e7\u00e3o e permitir que os agentes de amea\u00e7as ocultem seus rastros excluindo artefatos forenses cruciais.<\/p>\n\n\n\n<p class=\"\">CVE-2025-21418, por outro lado, diz respeito a um caso de escalonamento de privil\u00e9gios no AFD.sys que pode ser explorado para obter privil\u00e9gios de SISTEMA.<\/p>\n\n\n\n<p class=\"\">Vale a pena notar que uma falha semelhante no mesmo componente (CVE-2024-38193) foi&nbsp;<a href=\"https:\/\/thehackernews.com\/2024\/08\/microsoft-patches-zero-day-flaw.html\" rel=\"noreferrer noopener\" target=\"_blank\">divulgada<\/a>&nbsp;pela Gen Digital em agosto passado como sendo armada pelo Lazarus Group, ligado \u00e0 Coreia do Norte. Em fevereiro de 2024, a gigante da tecnologia tamb\u00e9m corrigiu uma falha de escalonamento de privil\u00e9gios do kernel do Windows (CVE-2024-21338) afetando o driver AppLocker (appid.sys) que tamb\u00e9m foi explorado pela equipe de hackers.<\/p>\n\n\n\n<p class=\"\">Essas cadeias de ataque se destacam porque v\u00e3o al\u00e9m de um ataque tradicional do tipo Traga seu pr\u00f3prio driver vulner\u00e1vel (BYOVD), aproveitando uma falha de seguran\u00e7a em um driver nativo do Windows, evitando assim a necessidade de introduzir outros drivers nos ambientes de destino.<\/p>\n\n\n\n<p class=\"\">Atualmente, n\u00e3o se sabe se o abuso do CVE-2025-21418 tamb\u00e9m est\u00e1 vinculado ao Lazarus Group. A Ag\u00eancia de Seguran\u00e7a Cibern\u00e9tica e de Infraestrutura dos EUA (CISA) adicionou&nbsp;<a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/02\/11\/cisa-adds-four-known-exploited-vulnerabilities-catalog\" rel=\"noreferrer noopener\" target=\"_blank\">ambas<\/a>&nbsp;as falhas ao seu cat\u00e1logo de Vulnerabilidades Exploradas Conhecidas (&nbsp;<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" rel=\"noreferrer noopener\" target=\"_blank\">KEV<\/a>&nbsp;), exigindo que as ag\u00eancias federais apliquem os patches at\u00e9 4 de mar\u00e7o de 2025.<\/p>\n\n\n\n<p class=\"\">A mais grave das falhas abordadas pela Microsoft na atualiza\u00e7\u00e3o deste m\u00eas \u00e9&nbsp;<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21198\" rel=\"noreferrer noopener\" target=\"_blank\">a CVE-2025-21198<\/a>&nbsp;(pontua\u00e7\u00e3o CVSS: 9,0), uma vulnerabilidade de execu\u00e7\u00e3o remota de c\u00f3digo (RCE) no High Performance Compute (HPC) Pack.<\/p>\n\n\n\n<p class=\"\">&#8220;Um invasor pode explorar essa vulnerabilidade enviando uma solicita\u00e7\u00e3o HTTPS especialmente criada para o n\u00f3 principal ou n\u00f3 de computa\u00e7\u00e3o Linux alvo, concedendo a ele a capacidade de executar RCE em outros clusters ou n\u00f3s conectados ao n\u00f3 principal alvo&#8221;, disse a Microsoft.<\/p>\n\n\n\n<p class=\"\">Tamb\u00e9m vale a pena mencionar outra vulnerabilidade RCE (&nbsp;<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21376\" rel=\"noreferrer noopener\" target=\"_blank\">CVE-2025-21376<\/a>&nbsp;, pontua\u00e7\u00e3o CVSS: 8.1) impactando o Windows Lightweight Directory Access Protocol (LDAP) que permite que um invasor envie uma solicita\u00e7\u00e3o especialmente criada e execute c\u00f3digo arbitr\u00e1rio. No entanto, a explora\u00e7\u00e3o bem-sucedida da falha requer que o agente da amea\u00e7a ven\u00e7a uma condi\u00e7\u00e3o de corrida.<\/p>\n\n\n\n<p class=\"\">&#8220;Considerando que o LDAP \u00e9 parte integrante do Active Directory, que sustenta a autentica\u00e7\u00e3o e o controle de acesso em ambientes corporativos, um comprometimento pode levar a movimenta\u00e7\u00e3o lateral, escalonamento de privil\u00e9gios e viola\u00e7\u00f5es generalizadas de rede&#8221;, disse Ben McCarthy, engenheiro-chefe de seguran\u00e7a cibern\u00e9tica da Immersive Labs.<\/p>\n\n\n\n<p class=\"\">Em outro lugar, a atualiza\u00e7\u00e3o tamb\u00e9m resolve uma vulnerabilidade de divulga\u00e7\u00e3o de hash NTLMv2 (&nbsp;<a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2025-21377\" rel=\"noreferrer noopener\" target=\"_blank\">CVE-2025-21377<\/a>&nbsp;, pontua\u00e7\u00e3o CVSS: 6,5) que, se explorada com sucesso, pode permitir que um invasor se autentique como o usu\u00e1rio visado.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"software-patches-from-other-vendors\">Patches de software de outros fornecedores<\/h3>\n\n\n\n<p class=\"\">Al\u00e9m da Microsoft, atualiza\u00e7\u00f5es de seguran\u00e7a tamb\u00e9m foram lan\u00e7adas por outros fornecedores nas \u00faltimas semanas para corrigir diversas vulnerabilidades, incluindo \u2014<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"\"><a href=\"https:\/\/helpx.adobe.com\/security\/security-bulletin.html\" target=\"_blank\" rel=\"noreferrer noopener\">Adobe<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/thehackernews.com\/2025\/02\/xe-hacker-group-exploits-veracore-zero.html\" target=\"_blank\" rel=\"noreferrer noopener\">VeraCore Avan\u00e7ado<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/aws.amazon.com\/security\/security-bulletins\/\" target=\"_blank\" rel=\"noreferrer noopener\">Servi\u00e7os da Web da Amazon<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.amd.com\/en\/resources\/product-security.html#security\" target=\"_blank\" rel=\"noreferrer noopener\">AMD<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/support.apple.com\/en-us\/HT201222\" target=\"_blank\" rel=\"noreferrer noopener\">Ma\u00e7\u00e3<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/developer.arm.com\/Arm%20Security%20Center\/Mali%20GPU%20Driver%20Vulnerabilities\" target=\"_blank\" rel=\"noreferrer noopener\">Bra\u00e7o<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.asus.com\/content\/asus-product-security-advisory\/\" target=\"_blank\" rel=\"noreferrer noopener\">ASUS<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/community.automationdirect.com\/s\/internal-database-security-advisory\/Internal_Database_Security_Advisory__c\/Default\" target=\"_blank\" rel=\"noreferrer noopener\">Automa\u00e7\u00e3o Direta<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/psirt.bosch.com\/security-advisories\/\" target=\"_blank\" rel=\"noreferrer noopener\">Bosch<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/psirt.canon\/advisory-information\/#id_2229656\" target=\"_blank\" rel=\"noreferrer noopener\">C\u00e2none<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/tools.cisco.com\/security\/center\/publicationListing.x\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.codesys.com\/security\/security-reports.html\" target=\"_blank\" rel=\"noreferrer noopener\">C\u00d3DIGOS<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/supportannouncement.us.dlink.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Link D<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.dell.com\/support\/security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Dell<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/devolutions.net\/security\/advisories\/\" target=\"_blank\" rel=\"noreferrer noopener\">Gerenciador de \u00c1rea de Trabalho Remota Devolutions<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.drupal.org\/security\" target=\"_blank\" rel=\"noreferrer noopener\">Drupal<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/my.f5.com\/manage\/s\/new-updated-articles#sort=%40f5_updated_published_date%20descending&amp;f:@f5_document_type=[Security%20Advisory]&amp;periodFilter=0&amp;dateField=1\" target=\"_blank\" rel=\"noreferrer noopener\">F5<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.fortiguard.com\/psirt\" target=\"_blank\" rel=\"noreferrer noopener\">Fortinet<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/about.gitlab.com\/releases\/2025\/01\/22\/patch-release-gitlab-17-8-1-released\/\" target=\"_blank\" rel=\"noreferrer noopener\">Laborat\u00f3rio Git<\/a><\/li>\n\n\n\n<li class=\"\">Google&nbsp;<a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/2025-02-01\" target=\"_blank\" rel=\"noreferrer noopener\">Android<\/a>&nbsp;e&nbsp;<a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/pixel\/2025-02-01\" target=\"_blank\" rel=\"noreferrer noopener\">Pixel<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/chromereleases.googleblog.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Google Chrome<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/cloud.google.com\/support\/bulletins\" target=\"_blank\" rel=\"noreferrer noopener\">Nuvem do Google<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/source.android.com\/docs\/security\/bulletin\/wear\/2025\/2025-02-01\" target=\"_blank\" rel=\"noreferrer noopener\">Google Wear OS<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.hms-networks.com\/cyber-security\" target=\"_blank\" rel=\"noreferrer noopener\">Redes HMS<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/support.hp.com\/us-en\/security-bulletins\" target=\"_blank\" rel=\"noreferrer noopener\">HP<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/support.hpe.com\/connect\/s\/securitybulletinlibrary?language=en_US#sort=%40hpescuniversaldate%20descending&amp;layout=table&amp;numberOfResults=25&amp;f:@kmdoclanguagecode=[cv1871440]&amp;hpe=1\" target=\"_blank\" rel=\"noreferrer noopener\">HP Enterprise<\/a>&nbsp;(incluindo Aruba Networking)<\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.ibm.com\/support\/pages\/bulletin\/\" target=\"_blank\" rel=\"noreferrer noopener\">IBM<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.intel.com\/content\/www\/us\/en\/security-center\/default.html\" target=\"_blank\" rel=\"noreferrer noopener\">Intel<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/forums.ivanti.com\/s\/searchallcontent?language=en_US#q=CVE&amp;t=All&amp;sort=date%20descending&amp;f:@sfkbknowledgearticletypec=[Security%20Advisory]\" target=\"_blank\" rel=\"noreferrer noopener\">Ivanti<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.jenkins.io\/security\/advisory\/2025-01-22\/\" target=\"_blank\" rel=\"noreferrer noopener\">Jenkins<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/supportportal.juniper.net\/s\/global-search\/%40uri?language=en_US#sort=date%20descending&amp;f:ctype=[Security%20Advisories]\" target=\"_blank\" rel=\"noreferrer noopener\">Redes Juniper<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/support.lenovo.com\/us\/en\/product_security\/ps500001-lenovo-product-security-advisories\" target=\"_blank\" rel=\"noreferrer noopener\">Lenovo<\/a><\/li>\n\n\n\n<li class=\"\">Distribui\u00e7\u00f5es Linux&nbsp;<a href=\"https:\/\/explore.alas.aws.amazon.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Amazon Linux<\/a>&nbsp;,&nbsp;<a href=\"https:\/\/www.debian.org\/security\/2022\/\" target=\"_blank\" rel=\"noreferrer noopener\">Debian<\/a>&nbsp;,&nbsp;<a href=\"https:\/\/linux.oracle.com\/ords\/f?p=105:21::::RP::\" target=\"_blank\" rel=\"noreferrer noopener\">Oracle Linux<\/a>&nbsp;,&nbsp;<a href=\"https:\/\/access.redhat.com\/security\/security-updates\/#\/security-advisories?q=&amp;p=1&amp;sort=portal_publication_date%20desc&amp;rows=10&amp;portal_advisory_type=Security%20Advisory&amp;documentKind=PortalProduct\" target=\"_blank\" rel=\"noreferrer noopener\">Red Hat<\/a>&nbsp;,&nbsp;<a href=\"https:\/\/errata.rockylinux.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">Rocky Linux<\/a>&nbsp;,&nbsp;<a href=\"https:\/\/www.suse.com\/support\/update\/\" target=\"_blank\" rel=\"noreferrer noopener\">SUSE<\/a>&nbsp;e&nbsp;<a href=\"https:\/\/ubuntu.com\/security\/notices\" target=\"_blank\" rel=\"noreferrer noopener\">Ubuntu<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/corp.mediatek.com\/product-security-bulletin\" target=\"_blank\" rel=\"noreferrer noopener\">MediaTek<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.mitel.com\/support\/security-advisories\" target=\"_blank\" rel=\"noreferrer noopener\">Mitel<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.mitsubishielectric.com\/en\/psirt\/vulnerability\/index.html\" target=\"_blank\" rel=\"noreferrer noopener\">Mitsubishi El\u00e9trica<\/a><\/li>\n\n\n\n<li class=\"\">Mozilla&nbsp;<a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/\" target=\"_blank\" rel=\"noreferrer noopener\">Firefox, Firefox ESR e Thunderbird<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.netgear.com\/about\/security\/\" target=\"_blank\" rel=\"noreferrer noopener\">NETGEAR<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.nvidia.com\/en-us\/security\/\" target=\"_blank\" rel=\"noreferrer noopener\">NVIDIA<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/openssl-library.org\/news\/vulnerabilities\/index.html#2025\" target=\"_blank\" rel=\"noreferrer noopener\">SSL aberto<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/security.paloaltonetworks.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Redes Palo Alto<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/community.progress.com\/s\/global-search\/%40uri#t=KnowledgeBase&amp;sort=date%20descending&amp;numberOfResults=100&amp;f:@sfarticletypec=[Product_Alert,Critical_Alert]\" target=\"_blank\" rel=\"noreferrer noopener\">Software de progresso<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.qnap.com\/en\/security-advisories\" target=\"_blank\" rel=\"noreferrer noopener\">QNAP<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/docs.qualcomm.com\/product\/publicresources\/securitybulletin\/\" target=\"_blank\" rel=\"noreferrer noopener\">Qualcomm<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.rockwellautomation.com\/en-us\/company\/about-us\/sustainability\/trust-security\/security-advisories.html?sort=pubAsc\" target=\"_blank\" rel=\"noreferrer noopener\">Automa\u00e7\u00e3o Rockwell<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/security.salesforce.com\/security-advisories\" target=\"_blank\" rel=\"noreferrer noopener\">For\u00e7a de vendas<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/security.samsungmobile.com\/securityUpdate.smsb\" target=\"_blank\" rel=\"noreferrer noopener\">Samsung<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/support.sap.com\/en\/my-support\/knowledge-base\/security-notes-news\/february-2025.html\" target=\"_blank\" rel=\"noreferrer noopener\">SEIVA<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.se.com\/ww\/en\/work\/support\/cybersecurity\/security-notifications.jsp\" target=\"_blank\" rel=\"noreferrer noopener\">Schneider Electric<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/new.siemens.com\/global\/en\/products\/services\/cert.html#SecurityPublications\" target=\"_blank\" rel=\"noreferrer noopener\">Siemens<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.solarwinds.com\/trust-center\/security-advisories\" target=\"_blank\" rel=\"noreferrer noopener\">Ventos solares<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/capturelabs.sonicwall.com\/m\/feature\/vulnerability-list\/all\" target=\"_blank\" rel=\"noreferrer noopener\">Parede S\u00f4nica<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.synology.com\/en-in\/security\/advisory\" target=\"_blank\" rel=\"noreferrer noopener\">Sinologia<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/thehackernews.com\/2025\/02\/cisa-warns-of-active-exploitation-in.html\" target=\"_blank\" rel=\"noreferrer noopener\">Obras urbanas de Trimble<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.veeam.com\/knowledge-base.html?type=security&amp;page=1\" target=\"_blank\" rel=\"noreferrer noopener\">Veeam<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.veritas.com\/support\/en_US\/security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Verdadeiras<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/wiki.zimbra.com\/wiki\/Security_Center\" target=\"_blank\" rel=\"noreferrer noopener\">Zimbra<\/a><\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/explore.zoom.us\/en\/trust\/security\/security-bulletin\/\" target=\"_blank\" rel=\"noreferrer noopener\">Ampliar<\/a>&nbsp;, e<\/li>\n\n\n\n<li class=\"\"><a href=\"https:\/\/www.zyxel.com\/global\/en\/support\/security-advisories\" target=\"_blank\" rel=\"noreferrer noopener\">Zyxel<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Na ter\u00e7a-feira, a Microsoft lan\u00e7ou corre\u00e7\u00f5es para&nbsp;63 falhas de seguran\u00e7a&nbsp;que afetam seus produtos de software, incluindo duas vulnerabilidades que, segundo a empresa, est\u00e3o sendo exploradas ativamente. Das 63 vulnerabilidades, tr\u00eas s\u00e3o classificadas como Cr\u00edticas, 57 s\u00e3o classificadas como Importantes, uma \u00e9 classificada como Moderada e duas s\u00e3o classificadas como Baixa em gravidade. Isso sem contar [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":735,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[5,7,1],"tags":[],"class_list":["post-734","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-desenvolvimento","category-hackers","category-tecnologia"],"_links":{"self":[{"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/734","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/comments?post=734"}],"version-history":[{"count":2,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/734\/revisions"}],"predecessor-version":[{"id":747,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/posts\/734\/revisions\/747"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/media\/735"}],"wp:attachment":[{"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/media?parent=734"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/categories?post=734"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/oerlabs.com.br\/blog\/wp-json\/wp\/v2\/tags?post=734"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}