Microsoft released patches for critical vulnerabilities on Patch Tuesday
Microsoft released its monthly security updates on Patch Tuesday, highlighting 68 vulnerabilities, including patches for six exploited zero-days.
Eleven of these 68 vulnerabilities have been categorized as critical based on risk and exploit availability. The vulnerabilities include remote code execution (RCE), privilege escalation, spoofing, and the recently disclosed buffer overflow vulnerability in OpenSSL.
The patches also cover CVE-2022-41040 and CVE-2022-41082, which affect Microsoft Exchange Server. These two flaws, also known as the ProxyNotShell vulnerabilities, have been actively exploited by Chinese threat actors since they were found.
Microsoft stated that customers should update their Exchange Server systems as soon as possible, irrespective of which mitigation steps have been used in the past as the primary security control. These mitigation steps are no longer essential once servers are updated with the latest patch.
Below are some of the actively exploited vulnerabilities, which allow privilege elevation, code injection, and remote code execution.
- CVE-2022-41040: Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2022-41082: Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2022-39327: Improper Control of Generation of Code (Code Injection) in Azure CLI
- CVE-2022-37967: Windows Kerberos Elevation of Privilege Vulnerability
- CVE-2022-41128: Windows Scripting Languages Remote Code Execution Vulnerability
- CVE-2022-41125: Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- CVE-2022-41073: Windows Print Spooler Elevation of Privilege Vulnerability
- CVE-2022-41039: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
- CVE-2022-41091: Windows Mark of the Web Security Feature Bypass Vulnerability
Microsoft's update also remediates remote code execution vulnerabilities in Microsoft products such as Excel, Word, ODBC Driver, Office Graphics, SharePoint Server, and Visual Studio, as well as privilege escalation vulnerabilities in Win32k, Overlay Filter, and Group Policy.
Considering the increase in attacks, other vendors, including AMD, Apple, Cisco, Dell, F5, HP, IBM, Intel, SAP, and MediaTek, have also released security patches to remediate vulnerabilities in their platforms.