Headline
Microsoft Patch Tuesday: Fixes for 0-Day and 74 Other Flaws Released
By Waqas The latest edition of Patch Tuesday offers fixes for 7 critical flaws, including 5 RCE (remote code execution)… This is a post from HackRead.com Read the original post: Microsoft Patch Tuesday: Fixes for 0-Day and 74 Other Flaws Released
The latest edition of Patch Tuesday offers fixes for 7 critical flaws, including 5 RCE (remote code execution) bugs and 2 EoP (elevation of privilege) flaws, and 67 other relatively minor flaws.
Microsoft has released its May 2022 Patch Tuesday update. This time, the company has released fixes for 74 new security flaws, including a Windows LSA Spoofing Vulnerability.
According to the Redmond-based tech giant Microsoft, this vulnerability was being actively exploited in the wild. It is worth noting that Microsoft releases patches for its products on every month’s second Tuesday, hence the name Patch Tuesday.
Which Products Received Patches?
May’s security update involves patches for several components of the Windows OS such as the Visual Studio platform, the .NET platform, MS Office, Exchange Server, Remote Desktop Client, Windows Hyper-V, Windows Authentication Methods, BitLocker, Windows Point-to-Point Tunneling Protocol, MS Edge, and NTFS. A Beijing-based cybersecurity firm Cyber-Kunlun reported 30 out of the 74 vulnerabilities.
Details of the Fixes
Apart from the abovementioned vulnerability, the latest edition of Patch Tuesday offers fixes for seven critical flaws, including 5 RCE (remote code execution) bugs and 2 EoP (elevation of privilege) flaws, and 67 other relatively minor flaws. Furthermore, the tech giant has fixed issues related to Denial of Service, security feature bypasses, information exposure, and spoofing.
Critical Flaws Fixed in May 2022 Patch Tuesday
Here is a detailed analysis of the most ‘important’ and ‘critical’ flaws patched by Microsoft in its latest update.
CVE-2022-26925
This is the only actively exploited flaw in this list. It lets threat actors perform a Man-in-the-Middle attack by infusing a method on the LSARPC interface and forcing the domain controller to authenticate the attacker using NTLM.
The flaw was identified in a central component of the Windows Local Security Authority process and impacted Windows 7 to 10 and Windows Server OS 2008 to 2022. Microsoft gave it a CVSS severity score of 8.1, noting that if used in combination with NTLM, the CVSS score will climb to 9.8.
CVE-2022-26923
This critical vulnerability inserts crafted data into an original certificate request to exploit certificate issuance and lets the attack obtain a certificate to authenticate a domain controller with elevated privileges and become a domain admin. This flaw was given a CVSS score of 8.8.
CVE-2022-26937 and CVE-2022-29972
These vulnerabilities (1 & 2) are noteworthy since the first one is an RCE flaw in the Windows NFS (network file system) and targets methods used in mixed OS environments. In contrast, the second flaw is identified in the Magnitude Simba Amazon Redshift ODBC Driver.
CVE-2022-22713
It is given a CVSS score of 5.6 and according to Microsoft, it is a Windows Hyper-V Denial-of-Service issue. Successful exploitation of this vulnerability requires an attacker to win a race condition.
Additionally, several RCE bugs were also patched in this update. These include CVE-2022-22012, CVE-2022-29130 in Windows LDAP, CVE-2022-26927 in Windows Graphics, CVE-2022-29133 in Windows Kernel, CVE-2022-22019 in Remote Procedure Call Runtime, and CVE-2022-30129 in Visual Studio Code.
More Microsoft Security News
- Attackers exploiting Windows Installer vulnerability despite patching
- Attackers bypass Microsoft security patch to drop Formbook malware
- Microsoft Patches 85 Flaws, One Allowed FinFisher Spyware Installation
- Microsoft warns of Azure vulnerability which exposed users to data theft
- Unpatched Microsoft Exchange Servers abused in a new phishing campaign
I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism
Related news
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Categories: Exploits and vulnerabilities Categories: News CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date! (Read more...) The post CISA wants you to patch these actively exploited vulnerabilities before September 8 appeared first on Malwarebytes Labs.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch
Hello everyone! This will be an episode about the Microsoft vulnerabilities that were released on June Patch Tuesday and also between May and June Patch Tuesdays. Alternative video link (for Russia): https://vk.com/video-149273431_456239094 On June Patch Tuesday, June 14, 56 vulnerabilities were released. Between May and June Patch Tuesdays, 38 vulnerabilities were released. This gives us 94 […]
Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. Time to figure out what needs to be prioritized. The post Update now! Microsoft patches Follina, and many other security updates appeared first on Malwarebytes Labs.
Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.
Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The latest safeguards include moving the shared integration runtimes to sandboxed ephemeral instances and using scoped tokens to prevent adversaries from using a client
Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I’m using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presented by Microsoft since the previous Patch […]
Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.
Microsoft's May Patch Tuesday update is triggering authentication errors.
May's Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones. The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.
May's Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones. The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.
May's Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones. The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.
May's Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones. The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of
Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month's patch batch includes fixes for seven "critical" flaws, as well as a zero-day vulnerability that affects all supported versions of Windows.
Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month's patch batch includes fixes for seven "critical" flaws, as well as a zero-day vulnerability that affects all supported versions of Windows.
Microsoft's May 2022 Patch Tuesday contains several bugs in ubiquitous software that could affect millions of machines, researchers warn.
Remote Procedure Call Runtime Remote Code Execution Vulnerability.
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141.
Active Directory Domain Services Elevation of Privilege Vulnerability.
Windows Hyper-V Denial of Service Vulnerability.
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141.
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142.
Visual Studio Code Remote Code Execution Vulnerability.
Visual Studio Code Remote Code Execution Vulnerability.
Windows Network File System Remote Code Execution Vulnerability.
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29142.
Windows LDAP Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29131, CVE-2022-29137, CVE-2022-29139, CVE-2022-29141.
Windows Graphics Component Remote Code Execution Vulnerability.
By Jon Munshaw, with contributions from Jaeson Schultz. Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft... [[ This is only the beginning! Please visit the blog for the complete entry ]]
By Jon Munshaw, with contributions from Jaeson Schultz. Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft... [[ This is only the beginning! Please visit the blog for the complete entry ]]
By Jon Munshaw, with contributions from Jaeson Schultz. Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft... [[ This is only the beginning! Please visit the blog for the complete entry ]]
Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2022-29972, has been codenamed "SynLapse" by researchers from Orca Security, who reported the flaw to Microsoft in January 2022. <!--adsense--> "The vulnerability was specific to
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift JDBC Driver 1.2.40 through 1.2.55 may allow a local user to execute code. NOTE: this is different from CVE-2022-29972.
An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code.
Summary Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime (IR) and did not impact Azure Synapse as a whole. The vulnerability could … Vulnerability mitigated in the third-party Data Connector used in Azure Synapse pipelines and Azure Data Factory (CVE-2022-29972) Read More »
Summary Summary Microsoft recently mitigated a vulnerability in Azure Data Factory and Azure Synapse pipelines. The vulnerability was specific to the third-party Open Database Connectivity (ODBC) driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime (IR) and did not impact Azure Synapse as a whole.