Bluewall 4d ago

Hunting CVE-2026-41096 (Windows DNS Client RCE, CVSS 9.8) in Advanced Hunting?

DeviceProcessEvents
| where Timestamp > ago(7d)
| where InitiatingProcessFileName =~ "svchost.exe"
| where InitiatingProcessCommandLine has_any ("dnscache", "NetworkService")
| where FileName !in~ ("conhost.exe", "WerFault.exe", "wermgr.exe")
| project Timestamp, DeviceName, FileName, ProcessCommandLine
| order by Timestamp desc

#CVE202641096 #KQL #ThreatHunting #MDE

Analyst2074d ago

Microsoft Patches 138 Vulnerabilities, Including Critical DNS and Netlogon Flaws

Microsoft just patched a critical DNS flaw that could let hackers execute code on your network, along with 137 other vulnerabilities - so make sure to update ASAP! The update also includes a mandatory rollout of updated Secure Boot certificates to keep your system secure.

https://osintsights.com/microsoft-patches-138-vulnerabilities-including-critical-dns-and-netlogon-flaws?utm_source=mastodon&utm_medium=social

#WindowsDns #Cve202641096 #SecureBoot #Microsoft #PatchTuesday

Microsoft Patches 138 Vulnerabilities, Including Critical DNS and Netlogon Flaws

Patch critical DNS and Netlogon flaws now with Microsoft's latest update, fixing 138 vulnerabilities and protecting your systems from cyber threats effectively today.

OSINTSights