Summary
Microsoft has released its March 2022 security updates, addressing a total of 71 vulnerabilities across supported versions of the Windows operating system and related software. Three of these are zero-days, meaning they were publicly disclosed before a patch was available (none had been observed under exploitation at release). Three further vulnerabilities are rated Critical because they allow remote code execution (RCE).
The March 2022 Critical Vulnerabilities are:
- CVE-2022-23277, a Microsoft Exchange Server RCE vulnerability
- CVE-2022-22006, an HEVC Video Extensions RCE vulnerability
- CVE-2022-24501, a VP9 Video Extensions RCE vulnerability
The number of bugs in each vulnerability category is shown below (the 71 total above does not include the 21 Edge - Chromium fixes, which were released separately earlier in the month):
- 25 Elevation of Privilege Vulnerabilities
- 3 Security Feature Bypass Vulnerabilities
- 29 Remote Code Execution Vulnerabilities
- 6 Information Disclosure Vulnerabilities
- 4 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
- 21 Edge - Chromium Vulnerabilities
The publicly disclosed vulnerabilities patched are:
- CVE-2022-21990 - Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2022-24459 - Windows Fax and Scan Service Elevation of Privilege Vulnerability
- CVE-2022-24512 - .NET and Visual Studio Remote Code Execution Vulnerability
None of CVE-2022-21990, CVE-2022-24459, or CVE-2022-24512 has been identified in active attacks; however, Microsoft stated that public proof-of-concept exploit code exists for CVE-2022-21990 and CVE-2022-24459, so they should be treated as likely to be weaponised.
Microsoft also rated two further vulnerabilities as "Exploitation More Likely": CVE-2022-24508 - Windows SMBv3 Client/Server Remote Code Execution Vulnerability, and CVE-2022-23277 - Microsoft Exchange Server Remote Code Execution Vulnerability. Both affect services that are commonly reachable over the network, which makes them the natural first candidates for prioritised patching.
A full list of affected products is available at the Microsoft Security Update Guide.
Analysis
Affected systems and versions for each vulnerability can be found at the Microsoft Security Update Guide.
Potential Impact
The potential impact varies by vulnerability; however, a successful attacker could gain control of an affected system, view, change, or delete data, create new user accounts, or install programs on the affected system.
Please refer to the Microsoft Advisory page for specific details regarding each vulnerability addressed in this month’s updates.
Recommendations
Microsoft has released software updates that address the vulnerabilities in each affected product. Specific instructions for each vulnerability are available in the referenced advisory. Note that the Exchange Server fix (CVE-2022-23277) ships as a separate Exchange Security Update rather than as part of the Windows cumulative update, so Exchange hosts must be patched and verified independently.
In addition to Microsoft's Patch Tuesday updates, other vendors published their monthly security updates:
- Google released Android's March security updates.
- Cisco released security updates for numerous products this month, including Cisco FXOS and NX-OS, StarOS, and Cisco Application Policy Infrastructure Controller.
- HP published advisories for 16 UEFI firmware vulnerabilities that threat actors could use to install stealthy, persistent malware below the operating system.
It is recommended that clients apply the software updates as soon as possible after appropriate evaluation and testing have been completed.
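The following PowerShell script is an added example, not part of the original advisory, showing how a practitioner can verify on a Windows host that this month's updates are actually present and that nothing security-relevant is still pending. The KB number and build revision (UBR) used as defaults are assumptions based on the Windows 10 21H2 March 2022 cumulative update and must be replaced with the values the MSRC release note lists for your OS build; the Exchange build threshold is left as a parameter because it depends on the installed Cumulative Update.

```powershell
<#
  Added example (not from the original advisory): check a Windows host for the
  March 2022 updates. Defaults are ASSUMPTIONS to be confirmed against the MSRC
  release note for 2022-Mar before use on a given OS build.
#>
param(
    [string[]] $RequiredKBs        = @('KB5011487'),  # assumption: Win10 2004/20H2/21H1/21H2 March 2022 CU
    [int]      $MinimumUBR         = 1586,            # assumption: build revision after that CU (e.g. 19044.1586)
    [version]  $ExchangeMinVersion = $null,           # set to the Exchange build that includes the March 2022 SU
    [datetime] $PatchTuesday       = '2022-03-08'
)

$result = [ordered]@{}

# 1. The build revision (UBR) is the most reliable indicator that a cumulative
#    update is installed; Get-HotFix can miss updates applied by some channels.
$cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$result.OSBuild = "$($cv.CurrentBuildNumber).$($cv.UBR)"
$result.UBROk   = ([int]$cv.UBR -ge $MinimumUBR)

# 2. Look for the specific KB(s) and list everything installed since Patch Tuesday.
$hotfixes             = Get-HotFix
$result.MissingKBs    = @($RequiredKBs | Where-Object { $_ -notin $hotfixes.HotFixID })
$result.RecentUpdates = @($hotfixes |
    Where-Object { $_.InstalledOn -ge $PatchTuesday } |
    Select-Object HotFixID, Description, InstalledOn)

# 3. Ask the Windows Update Agent (COM API) whether software updates are still pending.
try {
    $searcher = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $pending  = $searcher.Search("IsInstalled=0 and Type='Software' and IsHidden=0").Updates
    $result.PendingUpdates = @($pending | ForEach-Object { $_.Title })
} catch {
    $result.PendingUpdates = "WUA search failed: $($_.Exception.Message)"
}

# 4. Exchange Server: CVE-2022-23277 is fixed by the Exchange Security Update, which is
#    separate from the Windows CU. ExSetup.exe's file version is the installed Exchange build.
$exsetup = Get-Command ExSetup.exe -ErrorAction SilentlyContinue
if ($exsetup) {
    $exVer = [version]$exsetup.FileVersionInfo.FileVersion
    $result.ExchangeBuild = $exVer.ToString()
    $result.ExchangeOk    = if ($ExchangeMinVersion) { $exVer -ge $ExchangeMinVersion }
                            else { 'unchecked (pass -ExchangeMinVersion)' }
}

[pscustomobject]$result | Format-List
```

Run it in an elevated PowerShell session on each host (or through your endpoint management tool) and treat a false `UBROk`, a non-empty `MissingKBs`, or a non-empty `PendingUpdates` as "not yet patched". On Exchange servers, compare `ExchangeBuild` against the post-SU build number Microsoft publishes for your CU rather than relying on the Windows checks alone.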
References
https://msrc.microsoft.com/update-guide/releaseNote/2022-Mar
https://msrc.microsoft.com/update-guide/deployments
https://www.bleepingcomputer.com/news/microsoft/microsoft-march-2022-patch-tuesday-fixes-71-flaws-3-zero-days/
https://msrc.microsoft.com/update-guide/