Microsoft rolled out its monthly security updates on Tuesday with fixes for 51 vulnerabilities through its software suite consisting of Windows, Office, Teams, Azure Data Explorer, Visual Studio Code and other components such as Kernel and Win32k.
Of the 51 closed flaws, 50 are rated important and one is rated moderate in severity, making this one of the few Patch Tuesday updates without any fixes for critical vulnerabilities. This is also in addition to 19 other faults the company addressed in its Chromium-based Edge browser.
None of the security vulnerabilities are listed as under active exploit, while flaws – CVE-2022-21989 (CVSS score: 7.8) – has been classified as a publicly disclosed day zero at the time of publication. The issue involves a privilege escalation bug in the Windows kernel, with Microsoft warning of potential attacks exploiting this loophole.
“Successful exploitation of this vulnerability requires an attacker to take additional steps prior to exploitation to prepare the target environment,” the company noted in its advisory. “A successful attack could be performed from a low-privilege AppContainer. The attacker could elevate their privileges and run code or access resources at a higher integrity level than the AppContainer runtime .”
A number of remote code execution vulnerabilities affecting Windows DNS Server have also been addressed (CVE-2022-21984CVSS score: 8.8), SharePoint Server (CVE-2022-22005CVSS score: 8.8), Windows Hyper-V (CVE-2022-21995CVSS score: 5.3) and HEVC video extensions (CVE-2022-21844, CVE-2022-21926and CVE-2022-21927CVSS scores: 7.8).
The security update also resolves an Azure Data Explorer spoofing vulnerability (CVE-2022-23256CVSS score: 8.1), two security bypass vulnerabilities each affecting Outlook for Mac (CVE-2022-23280CVSS score: 5.3) and OneDrive for Android (CVE-2022-23255CVSS score: 5.9), and two denial of service vulnerabilities in .NET (CVE-2022-21986CVSS score: 7.5) and Teams (CVE-2022-21965CVSS score: 7.5).
Microsoft also said it fixed multiple privilege escalation flaws – four in the print spooler a service and one in the Win32k driver (CVE-2022-21996CVSS score: 7.8), the latter having been labeled “Exploitation more likely” in light of a similar vulnerability in the same component that was patched last month (CVE-2022-21882) and has since gone viral. object of active attack.
The updates come as the tech giant late last month reposted a vulnerability dating back to 2013 – a signature validation issue affecting WinVerifyTrust (CVE-2013-3900) – noting that the fix is ”available as an activation feature through the registration key setting, and is available on supported editions of Windows released since December 10, 2013″.
This move may have been spurred in response to an ongoing ZLoader malware campaign which, as Check Point Research revealed in early January, turned out to take advantage of the flaw to bypass the signature verification mechanism. files and remove malware capable of siphoning user credentials and other sensitive information. .
Software patches from other vendors
Apart from Microsoft, security updates have also been released by other vendors to address several vulnerabilities, namely –