Microsoft Patch Tuesday Vulnerabilites

Microsoft Patch Tuesday Vulnerabilites

Microsoft released patches for more than 100 vulnerabilities on 12 April 2022. Nine of those vulnerabilities have been assessed as “critical” (CVE-2022-22008, CVE-2022-23257, CVE-2022-23259, CVE-2022-24500, CVE-2022-24491, CVE-2022-24357, CVE-2022-24541, CVE-2022-26809, CVE-2022-26919) by Microsoft (these are all remote code execution vulnerabilities).

Additionally, two other vulnerabilities have been stated as “zero-day vulnerabilities” (CVE-2022-24501, CVE-2022-26904). It is highly recommended that the following patches are downloaded to ensure the safety of systems/assets.

Affected Systems

The following servers/systems are affected by these vulnerabilities;

• .NET Framework
• Active Directory Domain Services
• Azure SDK
• Azure Site Recovery
• LDAP - Lightweight Directory Access Protocol
• Microsoft Bluetooth Driver
• Microsoft Dynamics
• Microsoft Edge (Chromium-based)
• Microsoft Graphics Component
• Microsoft Local Security Authority Server (lsasrv)
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Windows ALPC
• Microsoft Windows Codecs Library
• Microsoft Windows Media Foundation
• Power BI
• Role: DNS Server
• Role: Windows Hyper-V
• Skype for Business
• Visual Studio
• Visual Studio Code
• Windows Ancillary Function Driver for WinSock
• Windows App Store
• Windows AppX Package Manager
• Windows Cluster Client Failover
• Windows Cluster Shared Volume (CSV)
• Windows Common Log File System Driver
• Windows Defender
• Windows DWM Core Library
• Windows Endpoint Configuration Manager
• Windows Fax Compose Form
• Windows Feedback Hub
• Windows File Explorer
• Windows File Server
• Windows Installer
• Windows iSCSI Target Service
• Windows Kerberos
• Windows Kernel
• Windows Local Security Authority Subsystem Service
• Windows Media
• Windows Network File System
• Windows PowerShell
• Windows Print Spooler Components
• Windows RDP
• Windows Remote Procedure Call Runtime
• Windows schannel
• Windows SMB
• Windows Telephony Server
• Windows Upgrade Assistant
• Windows User Profile Service
• Windows Win32K
• Windows Work Folder Service
• YARP reverse proxy

IoC’s

-

Recommended Solution(s)

It is recommended that for the critical and zero-day vulnerabilities, organizations using the specified products download the patches in the links in the related websites section below. For the other vulnerabilities, organizations can download the patches from Microsoft webpage stated below;

CVE / CWE

CVE-2022-22008, CVE-2022-23257, CVE-2022-23259, CVE-2022-24500, CVE-2022-24491, CVE-2022-24357, CVE-2022-24541, CVE-2022-26809, CVE-2022-26919, CVE-2022-24501, CVE-2022-26904

Related Website(s)

• https://www.tenable.com/blog/microsofts-april-2022-patch-tuesday-addresses-117-cves-cve-2022-24521
• https://www.zdnet.com/article/microsoft-april-2022-patch-tuesday-two-zero-day-vulnerabilities-tackled/
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22008
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23257
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23259
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24500
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24491
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24537
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24541
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26919
• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24521
• https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-26904

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.