Microsoft’s July security update for multiple high-risk product vulnerabilities

Microsoft’s July security update for multiple high-risk product vulnerabilities

July 18, 2022 | Jie Ji

Overview

On July 13, NSFOCUS CERT detected that Microsoft released the July security update patch, which fixed 84 security issues, involving widely used products such as Windows, Microsoft Office, Windows Print Spooler Components, Windows Hyper-V, and Azure Site Recovery, and included high-risk vulnerability types such as privilege escalation and remote code execution.

Among the vulnerabilities fixed by Microsoft’s monthly update this month, there are 4 critical (Critical) vulnerabilities and 80 important (Important) vulnerabilities, including 1 0day vulnerability:

Windows CSRSS Privilege Escalation Vulnerability (CVE-2022-22047)

Relevant users are requested to update patches as soon as possible for protection. For a complete list of vulnerabilities, please refer to the appendix.

The NSFOCUS Remote Security Assessment System (RSAS) has the ability to detect most of the vulnerabilities in Microsoft’s patch update (including CVE-2022-22047, CVE-2022-30221, CVE-2022-22029, CVE-2022-22039, CVE -2022-22038 and other high-risk vulnerabilities), please relevant users pay attention to the update of the NSFOCUS remote security assessment system system plug-in upgrade package, and upgrade to V6.0R02F01.2802 in time, the official website link: http://update.nsfocus.com/update/ listRsasDetail/v/vulsys

Reference link: https://msrc.microsoft.com/update-guide/releaseNote/2022-Jul

Description of Major Vulnerabilities

According to the popularity of the product and the importance of the vulnerability, the most influential vulnerabilities contained in this update are screened out. Please pay attention to the relevant users:

Windows CSRSS Privilege Escalation Vulnerability (CVE-2022-22047):

A privilege escalation vulnerability exists in Windows CSRSS. Since the application in CSRSS does not implement the correct security restrictions, a local attacker with low privileges can bypass the security restrictions by exploiting this vulnerability, thereby escalating to SYSTEM privileges on the target system and executing arbitrary code. And no user interaction is required. Microsoft officials said that the vulnerability has been detected to be exploited in the wild.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047

Remote Procedure Call Runtime Remote Code Execution Vulnerability (CVE-2022-22038):

A remote code execution vulnerability exists in the Remote Procedure Call Runtime. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the target system. The vulnerability is complex to exploit, and Microsoft officials said: To successfully exploit this vulnerability, an attacker needs to repeat the exploitation attempt by sending constant or intermittent data.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038

Windows Network File System Remote Code Execution Vulnerability (CVE-2022-22029/CVE-2022-22039):

A remote code execution vulnerability (CVE-2022-22029/CVE-2022-22039) exists in the Windows Network File System, which allows an unauthenticated remote attacker to send a specially crafted request packet to a Network File System (NFS) server, eventually causing the target Execute arbitrary code on the system. The above vulnerabilities are more complex to exploit, and Microsoft officials said: To successfully exploit the vulnerabilities, an attacker needs to repeat the exploitation attempt by sending constant or intermittent data.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22029

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22039

Windows Graphics Component Remote Code Execution Vulnerability (CVE-2022-30221):

An unauthenticated remote attacker can induce arbitrary code execution on the target system by tricking the user into connecting to a malicious RDP server. Microsoft officially stated: Only operating systems with RDP 8.0 or RDP 8.1 installed will be affected by this vulnerability. If users do not install these versions of RDP on Windows 7 SP1 or Window Server 2008 R2 SP1, they will not be affected by this vulnerability. .

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30221

Windows Graphics Component Privilege Escalation Vulnerability (CVE-2022-22034):

A privilege escalation vulnerability exists in the Windows Graphics Component. Since the application in the Graphics Component does not implement the correct security restrictions, a local attacker with low privileges can bypass the security restrictions by exploiting this vulnerability, thereby escalating to SYSTEM privileges on the target system without needing to User interaction, CVSS score of 7.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034

Active Directory Federation Services Privilege Escalation Vulnerability (CVE-2022-30215):

Active Directory is a directory service for Windows Standard Server, Windows Enterprise Server, and Windows Datacenter Server. Due to a flaw in the security restrictions of Active Directory Federation Services, in a specific configuration environment, a remote attacker with low privileges can exploit the vulnerability to bypass the Active Directory trust boundary, escalate to domain administrator privileges and execute arbitrary code on the target system .

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30215

Windows Server Service Tampering Vulnerability (CVE-2022-30216):

There is a service tampering vulnerability in the Server Service. Since the applications in Windows Server do not implement correct security restrictions, an authenticated remote attacker needs to upload a specially crafted malicious certificate to the target server, and finally can execute arbitrary code on the target system without the need for User interaction.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30216

Windows Common Log File System Driver Privilege Escalation Vulnerability (CVE-2022-30220):

A privilege escalation vulnerability exists in the Common Log File System Driver. Because the application in this product does not implement the correct security restrictions, a local attacker with low privileges can bypass the security restrictions by exploiting this vulnerability, thereby escalating to SYSTEM privileges on the target system and Executes arbitrary code without user interaction with a CVSS score of 7.8.

Official announcement link:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30220

Scope of Impact

The following are the affected product versions that focus on the vulnerability. For other products affected by the vulnerability, please refer to the official announcement link.

Vulnerability No.Affected Product Version
CVE-2022-22038  Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-22029
CVE-2022-22039  
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019  (Server Core installation)
Windows Server 2019
CVE-2022-30221  Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems Remote Desktop client for Windows Desktop
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-22034
CVE-2022-30220
CVE-2022-22047  
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019  (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-30215Windows Server 2016  (Server Core installation)
Windows Server 2016
Windows Server, version 20H2 (Server Core Installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019  (Server Core installation)
Windows Server 2019
CVE-2022-30216  Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems

Mitigation

Patch update

At present, Microsoft has officially released a security patch to fix the above vulnerabilities for supported product versions. It is strongly recommended that affected users install the patch as soon as possible for protection. The official download link:

https://msrc.microsoft.com/update-guide/en-us/releaseNote/2022-Jul

Note: Due to network problems, computer environment problems, etc., the patch update of Windows Update may fail. After installing the patch, the user should promptly check whether the patch is successfully updated.

Right-click the Windows icon, select “Settings (N)”, select “Update and Security” – “Windows Update”, and view the prompt information on this page. You can also click “View Update History” to view the historical update status.

For updates that are not successfully installed, you can click the update name to jump to the official Microsoft download page. It is recommended that users click the link on this page and go to the “Microsoft Update Catalog” website to download and install the independent package.

Appendix

Affected productCVE No.Vulnerability titleSeverity
Microsoft Graphics ComponentCVE-2022-30221Windows Graphics Component Remote Code Execution VulnerabilityCritical
Windows Network File SystemCVE-2022-22029Windows Network File System Remote Code Execution VulnerabilityCritical
Windows Network File SystemCVE-2022-22039Windows Network File System Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2022-22038Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
AMD CPU BranchCVE-2022-23825AMD: CVE-2022-23825 AMD CPU branch type confusionImportant
AMD CPU BranchCVE-2022-23816AMD:CVE-2022-23816 AMD CPU branch type confusionImportant
Azure Site RecoveryCVE-2022-33665Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33666Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33663Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33664Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33667Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33672Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33673Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33671Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33668Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33661Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33662Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33657Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33656Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33658Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33660Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33659Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33655Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33651Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33650Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33652Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33654Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33653Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33669Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33643Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-30181Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33676Azure Site Recovery Remote Code Execution VulnerabilityImportant
Azure Site RecoveryCVE-2022-33677Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33678Azure Site Recovery Remote Code Execution VulnerabilityImportant
Azure Site RecoveryCVE-2022-33642Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33674Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33675Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2022-33641Azure Site Recovery Elevation of Privilege VulnerabilityImportant
Azure Storage LibraryCVE-2022-30187Azure Repository Information Disclosure VulnerabilityImportant
Microsoft Defender for EndpointCVE-2022-33637Microsoft Defender Endpoint Tampering VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-22034Windows Graphics Components Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-30213Windows GDI+ Information Disclosure VulnerabilityImportant
Microsoft OfficeCVE-2022-33632Microsoft Office Security Feature Bypass VulnerabilityImportant
Open Source SoftwareCVE-2022-27776HackerOne:CVE-2022-27776 Insufficient Credential Protection Vulnerability Could Leak Authentication or Cookie Header DataImportant
Role: DNS ServerCVE-2022-30214Windows DNS Server Remote Code Execution VulnerabilityImportant
Role: Windows Fax ServiceCVE-2022-22024Windows Fax Service Remote Code Execution VulnerabilityImportant
Role: Windows Fax ServiceCVE-2022-22027Windows Fax Service Remote Code Execution VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-30223Windows Hyper-V Information Disclosure VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-22042Windows Hyper-V Information Disclosure VulnerabilityImportant
Skype for Business and Microsoft LyncCVE-2022-33633Skype for Business and Lync Remote Code Execution VulnerabilityImportant
Windows Active DirectoryCVE-2022-30215Active Directory Federation Services Elevation of Privilege VulnerabilityImportant
Windows Advanced Local Procedure CallCVE-2022-30202Windows Advanced Local Procedure Call Elevation of Privilege VulnerabilityImportant
Windows Advanced Local Procedure CallCVE-2022-30224Windows Advanced Local Procedure Call Elevation of Privilege VulnerabilityImportant
Windows Advanced Local Procedure CallCVE-2022-22037Windows Advanced Local Procedure Call Elevation of Privilege VulnerabilityImportant
Windows BitLockerCVE-2022-22711Windows BitLocker Information Disclosure VulnerabilityImportant
Windows BitLockerCVE-2022-22048BitLocker Security Feature Bypass VulnerabilityImportant
Windows Boot ManagerCVE-2022-30203Windows Boot Manager Security Feature Bypass VulnerabilityImportant
Windows Client/Server Runtime SubsystemCVE-2022-22026Windows CSRSS Elevation of Privilege VulnerabilityImportant
Windows Client/Server Runtime SubsystemCVE-2022-22049Windows CSRSS Elevation of Privilege VulnerabilityImportant
Windows Client/Server Runtime SubsystemCVE-2022-22047Windows CSRSS Elevation of Privilege VulnerabilityImportant
Windows Connected Devices Platform ServiceCVE-2022-30212Windows Connected Device Platform Services Information Disclosure VulnerabilityImportant
Windows Credential GuardCVE-2022-22031Windows Credential Guard Domain-Joining Public Key Escalation of Privilege VulnerabilityImportant
Windows Fast FAT DriverCVE-2022-22043Windows Fast FAT file system driver Elevation of Privilege VulnerabilityImportant
Windows Fax and Scan ServiceCVE-2022-22050Windows Fax service Elevation of Privilege VulnerabilityImportant
Windows Group PolicyCVE-2022-30205Windows Group Policy Elevation of Privilege VulnerabilityImportant
Windows IISCVE-2022-30209Windows IIS Server Elevation of Privilege VulnerabilityImportant
Windows IISCVE-2022-22025Windows Internet Information Services Cachuri Module Denial of Service VulnerabilityImportant
Windows IISCVE-2022-22040Internet Information Services Dynamic Compression Module Denial of Service VulnerabilityImportant
Windows KernelCVE-2022-21845Windows Kernel Information Disclosure VulnerabilityImportant
Windows MediaCVE-2022-22045Windows.Devices.Picker.dll Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2022-30225Windows Media Player Elevation of Privilege Vulnerability in Network Sharing ServicesImportant
Windows Network File SystemCVE-2022-22028Windows Web File System Information Disclosure VulnerabilityImportant
Windows Performance CountersCVE-2022-22036Performance counters for Windows Elevation of Privilege VulnerabilityImportant
Windows Point-to-Point Tunneling ProtocolCVE-2022-30211Windows L2TP Remote Code Execution VulnerabilityImportant
Windows Portable Device Enumerator ServiceCVE-2022-22023Windows Portable Device Enumerator Service Security Feature Bypass VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-30206Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-30226Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-22022Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-22041Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Security Account ManagerCVE-2022-30208Windows Security Accounts Manager (SAM) Denial of Service VulnerabilityImportant
Windows Server ServiceCVE-2022-30216Windows Server Service Tampering VulnerabilityImportant
Windows ShellCVE-2022-30222Windows Shell Remote Code Execution VulnerabilityImportant
Windows StorageCVE-2022-30220Windows Universal Journaling File System Driver Elevation of Privilege VulnerabilityImportant
XBoxCVE-2022-33644Xbox Live Save Service Elevation of Privilege VulnerabilityImportant

Statement

This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and/or indirect consequences and losses caused by transmitting and/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add/delete any information to/from it, or use this advisory for commercial purposes without permission from NSFOCUS.

About NSFOCUS

NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.

NSFOCUS works with Fortune Global 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).

A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.