Short News:-
Microsoft's monthly security updates included fixes for 51 vulnerabilities in Windows and Office software, among others. One vulnerability in the Windows kernel that could be exploited by cybercriminals is still listed as a publicly disclosed zero-day vulnerability. The affected products include Windows and Office software, Teams collaboration software, Azure Data Explorer, Visual Studio Code, as well as other components such as Kernel and Win32k. Several elevation of privilege flaws have been addressed, including four in the Print Spooler service and Win32k driver. Microsoft recently republished a 2013 vulnerability, noting that the fix is "available as an opt-in feature via registry key setting and is available on supported editions of Windows released since December 10, 2013."
Detailed News:-
On Tuesday, Microsoft released its monthly security updates, which included fixes for 51 vulnerabilities in a wide range of its software products. These included Windows and Office software, Teams collaboration software, Azure Data Explorer, Visual Studio Code, as well as other components such as Kernel and Win32k. Microsoft's monthly security updates are available for download from this page.
This is one of the rare Patch Tuesday updates that do not contain any fixes for Critical-rated vulnerabilities: of the 51 defects that have been closed, 50 are of Important severity and one is of Moderate severity. A total of 19 additional flaws in Microsoft's Edge browser have also been addressed.
CVE-2022-21989 (CVSS score: 7.8) was listed as a publicly disclosed zero-day vulnerability at the time of the release, and it is still listed as such today. Microsoft has issued an advisory concerning an unpatched vulnerability in the Windows Kernel that could be exploited by cybercriminals.
According to the company's advisory, an attacker must take additional steps before successfully exploiting this vulnerability. "Application Containers with restricted privileges may be used in an attack. The attacker may be able to gain access to resources or execute code with a higher integrity level than the AppContainer execution environment permits."
There are a number of remote code execution flaws that affect Windows DNS Server (CVE-2022-21984, CVSS score: 8.8) and SharePoint Server (CVE-2022-22005), as well as HEVC Video Extensions (CVE-2022-21984, CVSS score: 8.8), among other things (CVE-2022-21995, CVSS score: 5.3). Several vulnerabilities (CVE-2022-21844, CVE-2022-21926, and CVE-2022-21927, CVSS scores: 7.8) were discovered.
Several other vulnerabilities, including a spoofing vulnerability in Azure Data Explorer (CVE-2022-23256, CVSS score: 8.1) and two security bypass vulnerabilities in OneDrive for Android (CVE-2022-23255, CVSS score: 5.9), as well as two .NET denial of service vulnerabilities (CVE-2022-21986, CVSS score: 7.5) and Teams denial of service vulnerabilities (CVE-2022-21986, CVSS score: 7.5), have been fixed (CVE-2022-21965, CVSS score: 7.5).
Microsoft has also addressed multiple elevation of privilege flaws, including four in the Print Spooler service and one in the Win32k driver (CVE-2022-21996, CVSS score: 7.8). The latter has been labeled "Exploitation More Likely" in light of a similar vulnerability in the same component (CVE-2022-21882) that was patched just a few weeks ago and has since been actively exploited.
The patch for WinVerifyTrust (CVE-2013-3900) was republished in conjunction with this release. Microsoft republished the 2013 vulnerability, noting that the fix is "available as an opt-in feature via registry key setting and is available on supported editions of Windows released since December 10, 2013."
Some speculate that the move was prompted by an ongoing ZLoader malware campaign, discovered by Check Point Research in early January, which was exploiting a flaw discovered by Check Point Research to bypass the file signature verification mechanism and drop malware capable of stealing user credentials and other sensitive information.