Security
Headlines
HeadlinesLatestCVEs

Source

Microsoft Security Response Center

CVE-2022-35822: Windows Defender Credential Guard Security Feature Bypass Vulnerability

**What Security Feature could be bypassed by this vulnerability?** An attacker who successfully exploited this vulnerability could bypass Kerberos protection used by Defender Credential Guard.

Microsoft Security Response Center
#vulnerability#web#windows#Windows Defender Credential Guard#Security Vulnerability
CVE-2022-35821: Azure Sphere Information Disclosure Vulnerability

**What version of Azure Sphere has the update that protects from this vulnerability?** All versions of Azure Sphere that are 22.07 and higher are protected from this vulnerability. **How do I ensure my Azure Sphere device has the update?** If your device is new or has not been connected to the internet for a while, connect the device to a secure, private local network with internet access and allow the device to automatically update itself. If the device is already online, verify that the operating system version 21.07 has been installed using the Azure Sphere CLI command: azsphere device show-os-version If the device is connected to the internet and does not yet have the latest update, check the update status with the following Azure Sphere CLI command: azsphere device show-deployment-status **Azure Sphere is running on IoT devices in my environment. How do I know if any of those devices are affected by this vulnerability?** An IoT device that is running Azure Sphere and is ...

CVE-2022-35820: Windows Bluetooth Driver Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An authorized local attacker could exploit this Windows Bluetooth driver vulnerability by programmatically running certain functions to arbitrarily gain registry key creation and deletion in the bthport.sys driver.

CVE-2022-35826: Visual Studio Remote Code Execution Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. * In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

CVE-2022-35825: Visual Studio Remote Code Execution Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** Exploitation of the vulnerability requires that a user open a specially crafted file. * In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. * In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.

CVE-2022-35818: Azure Site Recovery Elevation of Privilege Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

CVE-2022-35791: Azure Site Recovery Elevation of Privilege Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

CVE-2022-35817: Azure Site Recovery Elevation of Privilege Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.

CVE-2022-35816: Azure Site Recovery Elevation of Privilege Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?** Successful exploitation of this vulnerability requires an attacker to compromise admin credentials to one of the VMs associated with the configuration server.