Microsoft Fixes 71 Bugs Including Three Zero Days


Microsoft has released fixes for a relatively small number of CVEs this month, with only three critical bugs and three publicly disclosed flaws in the Patch Tuesday roundup.

None of the three zero-days has been exploited in the wild. They include CVE-2022-24512, a remote code execution (RCE) vulnerability in .NET and Visual Studio.

“According to Microsoft, this vulnerability requires ‘user interaction’ to exploit, meaning that an attacker would likely need to upload a payload to a vulnerable system and then execute it remotely, rather than attacking the service directly,” explained Recorded Future senior security architect, Allan Liska.

“This is likely why Microsoft has assigned it a criticality level of ‘Important’ and rated it as ‘exploitation less likely.’”

Another zero-day patched this month is CVE-2022-24459, an elevation of privilege vulnerability in Microsoft’s Fax and Scan Service, which is also rated “exploitation less likely.”

The final one is CVE-2022-21990, another RCE bug but this time in the Remote Desktop Client and rated “exploitation more likely.”

It’s one of three CVEs this month affecting the Remote Desktop Protocol (RDP), which has been heavily targeted during the pandemic.

“With the increase in remote working driving the expansion of the attack surface presented by RDP, a trio of RCE vulnerabilities affecting this protocol should be on security teams’ radar,” argued Kev Breen, director of cyber-threat research at Immersive Labs.

“CVE-2022-23285, CVE-2022-21990 and CVE-2022-24503 are a potential concern especially as this infection vector is commonly used by ransomware actors. While exploitation is not trivial, requiring an attacker to set up bespoke infrastructure, it still presents enough of a risk to be a priority.”

Breen also flagged critical vulnerability CVE-2022-23277 as a priority.

“While requiring authentication, this vulnerability affecting on-premises Exchange servers could potentially be used during lateral movement into a part of the environment which presents the opportunity for business email compromise or data theft from email,” he said.
