Microsoft Update released today to close nearly 120 security holes Windows and supporting software. Six of the vulnerabilities have been publicly detailed, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. Even more worrying, Microsoft warned that one of the vulnerabilities fixed this month is “wormable,” meaning that an attack can spread from one vulnerable Windows machine to another without human intervention.
Nine vulnerabilities fixed by this month’s Patch Tuesday received a “critical” rating from Microsoft, meaning they could be exploited by malware or criminals to gain remote access to vulnerable Windows systems without user assistance.
In any case, the most serious flaw addressed today is CVE-2022-21907, “HTTP stack. ” Microsoft says the vulnerability affects Windows 10 and Windows 11, also Server 2019 and Server 2022.
“While this is definitely more server-centric, keep in mind that Windows clients can also run http.sys, so all affected versions are affected by this bug,” said Dustin Childs from Trend Micro’s Zero Day Program. “Quickly test and deploy this patch.”
Really fast. In May 2021, Microsoft patched an equally severe and wormable vulnerability in the HTTP stack; less than a week later, computer code written to exploit the vulnerability be posted online.
Microsoft also fixes three other remote code execution vulnerabilities exchange server, the technology used by hundreds of thousands of organizations around the world to manage their email. Exchange vulnerabilities are a prime target for malicious hackers. About a year ago, hundreds of thousands of Exchange servers around the world were hit with malware after attackers began massively exploiting four zero-day vulnerabilities in Exchange.
The limiting factor for the three newly discovered Exchange vulnerabilities, Microsoft said, is that attackers need to be tied to the target network in some way to exploit them.but satnanarang exist stand up Note that Microsoft has marked all three Exchange flaws as “more likely to be exploited”.
“One of the flaws, CVE-2022-21846, disclosed by Microsoft to Microsoft National Security Agency,” Narang said. “Despite the ratings, Microsoft noted that the attack vectors are contiguous, which means more errands for attackers, unlike the remotely exploitable ProxyLogon and ProxyShell vulnerabilities. “
security company fast 7 Points out that about a quarter of this month’s security updates address Microsoft’s vulnerabilities edge Via the Chromium browser.
“Although 6 of them were publicly disclosed prior to today, none of them have been seen exploited in the wild,” Rapid7’s Greg Wiseman Say. “This includes two remote code execution vulnerabilities affecting open source libraries bundled with the latest version of Windows: CVE-2021-22947, which affects the curl library, and CVE-2021-36976 This affects library archives. “
Wiseman Says Slightly Scary Than HTTP Stack Vulnerability CVE-2022-21840, which affects all supported versions of Office as well as Sharepoint Server.
“Exploitation requires social engineering to trick victims into opening attachments or visiting malicious websites,” he said. “Thankfully, the Windows Preview Pane is not a vector for this kind of attack.”
Other patches include fixes .NET Framework, Microsoft Dynamics, Windows Hyper-V, Windows Defender, and Windows Remote Desktop Protocol (RDP). as usual, SANS Internet Storm Center there is one Breakdown of each patch by severity and impact.
Standard Disclaimer: Before updating Windows, Please Make sure you have backed up your system and/or important files. It’s not uncommon for Windows update packages to corrupt a system or prevent it from starting properly, and some updates have been known to wipe or corrupt files.
So do yourself a favor and make a backup before installing any patches. Windows 10 even has some Built-in tools Helps you do this, either on a per file/folder basis or by making a full and bootable hard drive copy all at once.
If you want to make sure Windows is set to pause updates so you can back up your files and/or system before the OS decides to reboot and install patches on its own schedule, see this guide.
If you’re experiencing glitches or issues installing any of these patches this month, please consider leaving a comment below; there’s a good chance that other readers have had the same experience and may offer helpful tips here.
