Зарегистрируйтесь сейчас для лучшей персонализированной цитаты!

Microsoft Patch Tuesday: 86 flaws, four critical, one being used in attacks

13 июля 2022 г Hi-network.com
Image: Jetta Productions Inc/Getty Images

Microsoft has released its July 2022 Patch Tuesday update to address 84 flaws affecting Windows and two affecting its Chromium-based Edge browser. 

It's the first Patch Tuesday after Microsoft this week officially launched its Autopatch service for enterprise customers on Windows or Microsoft 365 E3 and E5 licenses. While Autopatch takes the legwork out of Patch Tuesday for admins with these licenses, Patch Tuesday rolls on for everyone else and enterprises that haven't enrolled devices in Autopatch. 

Windows 11

  • How to install Android apps on Windows 11
  • The best Windows laptops: Top notebooks, 2-in-1s, and ultraportables
  • How to recover deleted files in Windows 10 or 11
  • I hate Windows 11. How can I make it work more like Windows 10?

There are just four of the 84 Windows and Azure flaws that qualified as 'critical' with the remaining 80 rated as 'important'. One, which tracked as CVE-2022-22047, is already under attack. 

SEE:The 10 best Windows laptops: Top notebooks, 2-in-1s, and ultraportables

Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) discovered the zero-day flaw in the Windows Client Server Runtime Subsystem (CSRSS), which allows an attacker with low-level privileges to gain the highest SYSTEM-level privileges on all versions of Windows. Microsoft hasn't said how widely it is being exploited or how the attacks are taking place.

However, the CSRSS bug is one reason why Microsoft's decision to roll back its block on internet VBA macros in Office documents was controversial, according to Dustin Childs of the Zero Day Initiative. 

"Bugs of this type are typically paired with a code execution bug, usually a specially crafted Office or Adobe document, to take over a system. These attacks often rely on macros, which is why so many were disheartened to hear Microsoft's delay in blocking all Office macros by default," wrote Childs.  

Rapid7 notes that Microsoft fixed two other CRSS flaws (CVE-2022-22049 and CVE-2022-22026) likely after investigating the one that's already being exploited in the wild. 

The four critical flaws are remotely exploitable and include CVE-2022-22029 and CVE-2022-22039. These two affect network file system (NFS) servers. 

The third critical flaw (CVE-2022-22038) affects the Windows remote procedure call runtime while the fourth, CVE-2022-30221, affects the Windows graphics component and could be useful for ransomware attackers that target victims through remote desktop protocol (RDP). 

"An attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could execute code on the victim's system in the context of the targeted user," Microsoft warns. 

But the issue only affects Windows 7 Service Pack 1 or Windows Server 2008 R2 Service Pack 1 if RDP 8.0 or RDP 8.1 is installed.

Additionally, an unusually large 32 vulnerabilities affect the Microsoft Azure Site Recovery service, Microsoft's disaster recovery service for cloud with replication, recovery and failover features.

Researchers at security firm Tenable reported CVE-2022

tag-icon Горячие метки: Технологии и оборудование Безопасность и охрана

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.