Patched Windows Bug Was Actually a Dangerous Wormable Code-Execution Vulnerability

Ars Technica reports on a dangerously "wormable" Windows vulnerability that allowed attackers to execute malicious code with no authentication required — a vulnerability that was present "in a much broader range of network protocols, giving attackers more flexibility than they had when exploiting the older vulnerability."Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes. At the time, however, Microsoft researchers believed the vulnerabil