
A slew of Windows flaws, one of which has already been exploited

Microsoft addressed a total of 128 vulnerabilities in various products and components in its usual Patch Tuesday update. At least ten of them are critical, at least two of them were known prior to the patch release, and at least one of them was already being actively exploited by unknown attackers. This is why updating the operating system and other affected products as soon as possible is a good idea.

The most serious security flaws

CVE-2022-24521 appears to be the most hazardous of the lot, based on the information currently available. It’s a flaw in the Windows Common Log File System (CLFS) driver that can lead to privilege escalation. Despite a CVSS:3.1 score of 7.8, it’s rather simple to exploit, which is exactly what some unknown attackers are doing right now.

Another privilege elevation vulnerability, CVE-2022-26904, is found in the Windows User Profiles system service. It also receives a relatively low score on the CVSS:3.1 scale (7.0). However, because this vulnerability was discovered before the update’s deployment, it’s reasonable to anticipate that potential attackers will be able to exploit it sooner than the others.

The huge update resolves all critical-level vulnerabilities in Windows that are linked to remote code execution (RCE). The highest severity rating — 9.8 points — goes to CVE-2022-26809 in the Windows Remote Procedure Call Runtime Library, as well as CVE-2022-24491 and CVE-2022-24497 in the Network File Access Protocol.

According to some experts, the latter three vulnerabilities might be wormable, meaning they could be exploited to spread self-propagating attacks over the network.

To recap, Microsoft released patches for 128 vulnerabilities across a wide range of products and components, including the Edge browser, Defender, Office, Exchange, SharePoint Server, Visual Studio, and many others. We recommend that you go through the whole list of affected products (spoiler: it’s a large one) and prioritise the most important updates for the products you use.

How to Keep Yourself Safe

In an ideal world, the most reasonable move would be to install all updates right away. Of course, this isn’t always feasible; some businesses need to test updates before rolling them out across their whole infrastructure. In that situation, we recommend that you read the Mitigations sections of the official Microsoft bulletins. The entire list of vulnerabilities, along with more extensive information about them, is available on the company’s website in the update description.

From our perspective, we propose that all PCs and servers linked to the Internet utilize dependable security solutions, ideally those that employ technologies capable of detecting the exploitation of vulnerabilities, both known and new.

“This blog offers generic information. By no means is it professional advice. The information aforementioned is believed to be factually correct. The information provided is solely based on the author’s judgment and is subject to change. This is not endorsed by any 3rd parties or other brands.”

Article Credits –
kaspersky.com


Author

Minecodes Software
