Microsoft Patch Tuesday – March 2022 - Hexafusion Blog | Hexafusion
  • Contact Us At

    604-679-2223

  • E-Mail Us @

Hexafusion Blog

Microsoft Patch Tuesday – March 2022

microsoft-patch-tuesday

microsoft-patch-tuesday.png

 

Patch Tuesday is once again upon us. The March 2022 edition of Patch Tuesday brings us 72 fixes, with 3 rated as critical. We've listed the most important changes below.

Microsoft Exchange has been a recurring topic the last months with continuous problems and fixes being released. This month's patch Tuesday includes a critical fix for Microsoft Exchange for CVE-2022-23277. A remote code execution vulnerability with a CVSS base score of 8.8. According to Microsoft's exploitability assessment, this vulnerability's exploitability is more likely, so quick pathing is recommended.

To exploit the vulnerability, the attacker must be authenticated, additionally, Microsoft lists that "As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server's account through a network call".

In addition to the RCE, a spoofing vulnerability has also been disclosed. CVE-2022-24463 with a CVSS base score of 6.5 can lead to file content being exposed. Similar to the RCE, the attacker must be authenticated. To get file content the attacker would have to create a specially crafted network call to the target Exchange Server that causes the parsing of an http request made to an attacker-controlled server.

Two video codec extensions offered through the Microsoft Store also contain remote code execution vulnerabilities. The VP9 video extension contains CVE-2022-24501 and the HEVC video extension contains CVE-2022-22006, both with a CVSS base score of 7.8.

The vulnerabilities can be exploited by convincing the user to open a specifically crafted file. Since these vulnerabilities lie in Microsoft Store apps, you'll have to ensure that you're not using or have the latest version with a fix installed. For VP9, this means version 1.0.42791.0. For HVEC, if the app is manufacturer pre-installed version 1.0.50361.0 or if you've purchased the app, version 1.0.50362.0.

Talking about Microsoft Store apps, Lansweeper 9.3, scheduled to release this week will include Microsoft Store app scanning, so you'll be able to find exactly which devices have these apps installed and which version.

Patch Tuesday March 2022 CVE Codes & Titles

CVE Number

CVE Title
CVE-2022-24526 Visual Studio Code Spoofing Vulnerability
CVE-2022-24525 Windows Update Stack Elevation of Privilege Vulnerability
CVE-2022-24522 Skype Extension for Chrome Information Disclosure Vulnerability
CVE-2022-24520 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24519 Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24518 Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24517 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24515 Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24512 .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2022-24511 Microsoft Office Word Tampering Vulnerability
CVE-2022-24510 Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24509 Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24508 Windows SMBv3 Client/Server Remote Code Execution Vulnerability
CVE-2022-24507 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2022-24506 Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24505 Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-24503 Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2022-24502 Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2022-24501 VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-24471 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24470 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24469 Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24468 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24467 Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24465 Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability
CVE-2022-24464 .NET and Visual Studio Denial of Service Vulnerability
CVE-2022-24463 Microsoft Exchange Server Spoofing Vulnerability
CVE-2022-24462 Microsoft Word Security Feature Bypass Vulnerability
CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24460 Tablet Windows User Interface Application Elevation of Privilege Vulnerability
CVE-2022-24459 Windows Fax and Scan Service Elevation of Privilege Vulnerability
CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability
CVE-2022-24456 HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24455 Windows CD-ROM Driver Elevation of Privilege Vulnerability
CVE-2022-24454 Windows Security Support Provider Interface Elevation of Privilege Vulnerability
CVE-2022-24453 HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24452 HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24451 VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-23301 HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-23300 Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-23299 Windows PDEV Elevation of Privilege Vulnerability
CVE-2022-23298 Windows NT OS Kernel Elevation of Privilege Vulnerability
CVE-2022-23297 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2022-23296 Windows Installer Elevation of Privilege Vulnerability
CVE-2022-23295 Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-23294 Windows Event Tracing Remote Code Execution Vulnerability
CVE-2022-23293 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
CVE-2022-23291 Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-23290 Windows Inking COM Elevation of Privilege Vulnerability
CVE-2022-23288 Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-23287 Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-23286 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2022-23285 Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-23284 Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-23283 Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-23282 Paint 3D Remote Code Execution Vulnerability
CVE-2022-23281 Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2022-23278 Microsoft Defender for Endpoint Spoofing Vulnerability
CVE-2022-23277 Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-23266 Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2022-23265 Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2022-23253 Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-22010 Media Foundation Information Disclosure Vulnerability
CVE-2022-22007 HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-22006 HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-21990 Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-21977 Media Foundation Information Disclosure Vulnerability
CVE-2022-21975 Windows Hyper-V Denial of Service Vulnerability
CVE-2022-21973 Windows Media Center Update Denial of Service Vulnerability
CVE-2022-21967 Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability
CVE-2022-21957 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
CVE-2021-3711 OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow
CVE-2021-36927 Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability
CVE-2020-8927 Brotli Library Buffer Overflow Vulnerability
News Source: https://www.lansweeper.com/patch-tuesday/microsoft-patch-tuesday-march-2022/
Netflix Secret Codes Reveals Hidden Titles
NSA Releases Network Infrastructure Security Guida...

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/

Customer Login

News & Updates

Hexafusion is proud to announce the launch of our new website at www.hexafusion.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Hexafusion can do for your business.

Hexafusion
250 - 997 Seymour Street
Vancouver, British Columbia V6B 3M1