Microsoft has revised the severity of a security vulnerability it originallypatched in September 2022, upgrading it to “Critical” after it emerged that it could be exploited to achieve remote code execution. Tracked asCVE-2022-37958(CVSS score: 8.1), the flaw was previously described as aninformation disclosure vulnerabilityin SPNEGO Extended Negotiation (NEGOEX) Security Mechanism. SPNEGO,