Microsoft April 2022 Patch Tuesday
This month we got patches for 145 vulnerabilities. Of these, 10 are critical, 1 was previously disclosed, and one is already being exploited according to Microsoft.
The exploited vulnerability is an Elevation of Privilege on Windows Common Log File System Driver (CVE-2022-24521). There are no details about the vulnerability in the advisory. It is rated as important and has a CVSS of 7.80.
Among critical vulnerabilities, there is a Remote Code Execution (RCE) affecting Windows Network File System (CVE-2022-24497). To exploit this vulnerability, an attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could enable remote code execution. The vulnerability is only exploitable for systems that have the NFS role enabled. More information about NFS is available at https://docs.microsoft.com/en-us/windows-server/storage/nfs/nfs-overview and information about installing and uninstalling Roles Services is available at https://docs.microsoft.com/en-us/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features#install-roles-role-services-and-features-by-using-the-add-roles-and-features-wizard.
But there's another vulnerability even more worrying: an RCE affecting Remote Procedure Call Runtime (CVE-2022-26809). According to the advisory, exploitation of this vulnerability could result in remote code execution on the server-side with the same permissions as the RPC service. The vulnerability requires no user interaction, requires no privilege, has a low attack complexity and the attack vector is network. Due to those characteristics, this is a potential wormable vulnerability. The mitigation for the vulnerability is blocking port TCP/445 or protecting it as much as possible - mainly from access coming from the Internet. The exploitability is 'More Likely' but there is no exploitation detected according to Microsoft. The CVSS is 9.80.
The already disclosed vulnerability affects Windows User Profile Service (CVE-2022-26904). According to the advisory, despite not requiring user interaction, the attack complexity for this vulnerability is high. The vulnerability's exploitability is 'More Likely' and its CVSS is 7.00
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/
April 2022 Security Updates
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET Framework Denial of Service Vulnerability | |||||||
CVE-2022-26832 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Azure SDK for .NET Information Disclosure Vulnerability | |||||||
CVE-2022-26907 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
Azure Site Recovery Information Disclosure Vulnerability | |||||||
CVE-2022-26896 | No | No | Less Likely | Less Likely | Important | 4.9 | 4.3 |
CVE-2022-26897 | No | No | Less Likely | Less Likely | Important | 4.9 | 4.3 |
Azure Site Recovery Remote Code Execution Vulnerability | |||||||
CVE-2022-26898 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
Chromium: CVE-2022-1125 Use after free in Portals | |||||||
CVE-2022-1125 | No | No | - | - | - | ||
Chromium: CVE-2022-1127 Use after free in QR Code Generator | |||||||
CVE-2022-1127 | No | No | - | - | - | ||
Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API | |||||||
CVE-2022-1128 | No | No | - | - | - | ||
Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode | |||||||
CVE-2022-1129 | No | No | - | - | - | ||
Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP | |||||||
CVE-2022-1130 | No | No | - | - | - | ||
Chromium: CVE-2022-1131 Use after free in Cast UI | |||||||
CVE-2022-1131 | No | No | - | - | - | ||
Chromium: CVE-2022-1133 Use after free in WebRTC | |||||||
CVE-2022-1133 | No | No | - | - | - | ||
Chromium: CVE-2022-1134 Type Confusion in V8 | |||||||
CVE-2022-1134 | No | No | - | - | - | ||
Chromium: CVE-2022-1135 Use after free in Shopping Cart | |||||||
CVE-2022-1135 | No | No | - | - | - | ||
Chromium: CVE-2022-1136 Use after free in Tab Strip | |||||||
CVE-2022-1136 | No | No | - | - | - | ||
Chromium: CVE-2022-1137 Inappropriate implementation in Extensions | |||||||
CVE-2022-1137 | No | No | - | - | - | ||
Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor | |||||||
CVE-2022-1138 | No | No | - | - | - | ||
Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API | |||||||
CVE-2022-1139 | No | No | - | - | - | ||
Chromium: CVE-2022-1143 Heap buffer overflow in WebUI | |||||||
CVE-2022-1143 | No | No | - | - | - | ||
Chromium: CVE-2022-1145 Use after free in Extensions | |||||||
CVE-2022-1145 | No | No | - | - | - | ||
Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing | |||||||
CVE-2022-1146 | No | No | - | - | - | ||
Chromium: CVE-2022-1232 Type Confusion in V8 | |||||||
CVE-2022-1232 | No | No | - | - | - | ||
Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | |||||||
CVE-2022-24489 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | |||||||
CVE-2022-24479 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
DiskUsage.exe Remote Code Execution Vulnerability | |||||||
CVE-2022-26830 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account | |||||||
CVE-2022-24767 | No | No | Less Likely | Less Likely | Important | ||
GitHub: Uncontrolled search for the Git directory in Git for Windows | |||||||
CVE-2022-24765 | No | No | Less Likely | Less Likely | Important | ||
HEVC Video Extensions Remote Code Execution Vulnerability | |||||||
CVE-2022-24532 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Local Security Authority (LSA) Elevation of Privilege Vulnerability | |||||||
CVE-2022-24496 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Defender Denial of Service Vulnerability | |||||||
CVE-2022-24548 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | |||||||
CVE-2022-23259 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||||
CVE-2022-24475 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
CVE-2022-26891 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
CVE-2022-26894 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
CVE-2022-26895 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
CVE-2022-26900 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
CVE-2022-26908 | No | No | Less Likely | Less Likely | Important | 8.3 | 7.2 |
CVE-2022-26909 | No | No | Less Likely | Less Likely | Moderate | 8.3 | 7.2 |
CVE-2022-26912 | No | No | Less Likely | Less Likely | Moderate | 8.3 | 7.2 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||||
CVE-2022-24523 | No | No | Less Likely | Less Likely | Moderate | 4.3 | 3.8 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2022-24473 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26901 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||||||
CVE-2022-24493 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft Power BI Spoofing Vulnerability | |||||||
CVE-2022-23292 | No | No | Less Likely | Less Likely | Important | 5.9 | 5.2 |
Microsoft SharePoint Server Spoofing Vulnerability | |||||||
CVE-2022-24472 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
PowerShell Elevation of Privilege Vulnerability | |||||||
CVE-2022-26788 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Remote Desktop Protocol Remote Code Execution Vulnerability | |||||||
CVE-2022-24533 | No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 |
Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||||
CVE-2022-24528 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2022-24492 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2022-26809 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
Skype for Business Information Disclosure Vulnerability | |||||||
CVE-2022-26911 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Skype for Business and Lync Spoofing Vulnerability | |||||||
CVE-2022-26910 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
Visual Studio Code Elevation of Privilege Vulnerability | |||||||
CVE-2022-26921 | No | No | Less Likely | Less Likely | Important | 7.3 | 6.4 |
Visual Studio Elevation of Privilege Vulnerability | |||||||
CVE-2022-24513 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Win32 File Enumeration Remote Code Execution Vulnerability | |||||||
CVE-2022-24485 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Win32 Stream Enumeration Remote Code Execution Vulnerability | |||||||
CVE-2022-21983 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
CVE-2022-24534 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2022-26914 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
Windows ALPC Elevation of Privilege Vulnerability | |||||||
CVE-2022-24482 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
CVE-2022-24540 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||||
CVE-2022-24494 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows AppX Package Manager Elevation of Privilege Vulnerability | |||||||
CVE-2022-24549 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Bluetooth Driver Elevation of Privilege Vulnerability | |||||||
CVE-2022-26828 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | |||||||
CVE-2022-24484 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
CVE-2022-24538 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2022-26784 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||||
CVE-2022-24521 | No | Yes | Detected | Detected | Important | 7.8 | 7.2 |
CVE-2022-24481 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows DNS Server Information Disclosure Vulnerability | |||||||
CVE-2022-26816 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows DNS Server Remote Code Execution Vulnerability | |||||||
CVE-2022-26811 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26812 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.5 |
CVE-2022-26813 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-24536 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26814 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.9 |
CVE-2022-26815 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26817 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
CVE-2022-26818 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
CVE-2022-26819 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
CVE-2022-26820 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
CVE-2022-26821 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
CVE-2022-26822 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.8 |
CVE-2022-26823 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26824 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26825 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26826 | No | No | Less Likely | Less Likely | Important | 7.2 | 6.3 |
CVE-2022-26829 | No | No | Less Likely | Less Likely | Important | 6.6 | 5.9 |
Windows DWM Core Library Elevation of Privilege Vulnerability | |||||||
CVE-2022-24546 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Desktop Bridge Elevation of Privilege Vulnerability | |||||||
CVE-2022-24488 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Digital Media Receiver Elevation of Privilege Vulnerability | |||||||
CVE-2022-24547 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Direct Show - Remote Code Execution Vulnerability | |||||||
CVE-2022-24495 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability | |||||||
CVE-2022-24527 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Fax Compose Form Remote Code Execution Vulnerability | |||||||
CVE-2022-26916 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26917 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26918 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows File Explorer Elevation of Privilege Vulnerability | |||||||
CVE-2022-26808 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows File Server Resource Management Service Elevation of Privilege Vulnerability | |||||||
CVE-2022-26810 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26827 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows Graphics Component Information Disclosure Vulnerability | |||||||
CVE-2022-26920 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Graphics Component Remote Code Execution Vulnerability | |||||||
CVE-2022-26903 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Hyper-V Denial of Service Vulnerability | |||||||
CVE-2022-23268 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2022-22008 | No | No | Less Likely | Less Likely | Critical | 7.8 | 6.8 |
CVE-2022-22009 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-23257 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
CVE-2022-24537 | No | No | Less Likely | Less Likely | Critical | 7.8 | 6.8 |
Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | |||||||
CVE-2022-24490 | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
CVE-2022-24539 | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
CVE-2022-26783 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
CVE-2022-26785 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2022-24530 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-24499 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Kerberos Elevation of Privilege Vulnerability | |||||||
CVE-2022-24486 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-24544 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Kerberos Remote Code Execution Vulnerability | |||||||
CVE-2022-24545 | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2022-24483 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows LDAP Denial of Service Vulnerability | |||||||
CVE-2022-26831 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows LDAP Remote Code Execution Vulnerability | |||||||
CVE-2022-26919 | No | No | Less Likely | Less Likely | Critical | 8.1 | 7.1 |
Windows Local Security Authority (LSA) Remote Code Execution Vulnerability | |||||||
CVE-2022-24487 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Windows Network File System Remote Code Execution Vulnerability | |||||||
CVE-2022-24491 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
CVE-2022-24497 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
Windows Print Spooler Elevation of Privilege Vulnerability | |||||||
CVE-2022-26786 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26787 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26789 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26790 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26791 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26792 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26793 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26794 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26795 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26796 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26797 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26798 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26801 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26802 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-26803 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows SMB Remote Code Execution Vulnerability | |||||||
CVE-2022-24500 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
Windows Secure Channel Denial of Service Vulnerability | |||||||
CVE-2022-26915 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows Server Service Remote Code Execution Vulnerability | |||||||
CVE-2022-24541 | No | No | Less Likely | Less Likely | Critical | 8.8 | 7.7 |
Windows Telephony Server Elevation of Privilege Vulnerability | |||||||
CVE-2022-24550 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Upgrade Assistant Remote Code Execution Vulnerability | |||||||
CVE-2022-24543 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows User Profile Service Elevation of Privilege Vulnerability | |||||||
CVE-2022-26904 | Yes | No | More Likely | More Likely | Important | 7.0 | 6.5 |
Windows Win32k Elevation of Privilege Vulnerability | |||||||
CVE-2022-24474 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
CVE-2022-24542 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Work Folder Service Elevation of Privilege Vulnerability | |||||||
CVE-2022-26807 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows iSCSI Target Service Information Disclosure Vulnerability | |||||||
CVE-2022-24498 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.7 |
YARP Denial of Service Vulnerability | |||||||
CVE-2022-26924 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Comments