News

Microsoft fixed 71 vulnerabilities and three 0-day bugs in its products

Photo of Daniel Zimmermann Daniel ZimmermannMarch 10, 2022
0 79 1 minute read

This week, Microsoft released the March patch kit and fixed three zero-day vulnerabilities, for a total of 71 vulnerabilities fixed in its products (not counting 21 vulnerabilities in Microsoft Edge).

One of the most serious issues this month is the RCE vulnerability in Microsoft Exchange Server, which has received the identifier CVE-2022-23277. This bug reportedly allows an authenticated user to “run malicious code in the context of a server account through a network call.”

Given the pattern we’ve seen recently with respect to attacks on other Exchange vulnerabilities, the critical severity and nature of this vulnerability makes this one requiring patching as soon as possible.<span class="su-quote-cite"><a href="https://news.sophos.com/en-us/2022/03/08/microsoft-patches-71-vulnerabilities-including-rdp-client-exchange-server-intune/?cmp=30728" target="_blank">experts of <b>Sophos Lab</b> note.</a></span>

Two other critical RCE bugs fixed this month affect Microsoft Video Extensions. One of them, CVE-2022-24501, was found in the VP9 Video Extensions app available from the Microsoft Store. An attacker can convince a user to open a malicious video file, which will eventually lead to the execution of the code hidden in the video. Similarly, CVE-2022-22006 is a remote code execution vulnerability in HEVC Video Extensions that can be exploited in a similar way.

In addition, Microsoft has released fixes for a number of other products, including Office, Windows, Internet Explorer, Defender, and Azure Site Recovery. Zero Day Initiative experts, who have traditionally published a review of the fixed bugs, highlight the following among them:

  1. CVE-2022-21990: Remote code execution. It is possible to hijack someone else’s PC through an RDP client when connected to a malicious server. Details about this vulnerability are already publicly available and, according to the Zero Day Initiative, the bug should be considered critical.
  2. CVE-2022-24508: Remote code execution. An authenticated user can execute malicious code on Windows 10 version 2004 and later via SMBv3. Experts also advise considering this problem critical.
  3. CVE-2022-24512: Remote code execution in .NET and Visual Studio. The details of the bug are public.

It should also be noted that other larger companies have introduced updates for their products, including:

  1. Google introduced March security updates for Android;
  2. Cisco has released updates for many products, including Cisco Cisco FXOS and NX-OS, StarOS, and Cisco Application Policy Infrastructure Controller;
  3. Adobe has fixed arbitrary code execution and memory leak vulnerabilities.

Let me remind you that we also talked about Microsoft fixes vulnerability in Azure Container Instance, and also that Microsoft has recorded a record DDoS attack, with a capacity of 3.47 Tb/s.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Tags
Photo of Daniel Zimmermann Daniel ZimmermannMarch 10, 2022
0 79 1 minute read
Photo of Daniel Zimmermann

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Cobalt Strike

Cybercriminals use for masking outdated versions of Cobalt Strike

June 20, 2019
Manifest V3 release postponed

The Developers Postponed the Release of Manifest V3 to 2024

October 5, 2022
Hackers attacked via Slack API

Hackers attacked airline via Slack API

December 18, 2021

Russian Hackers targeted Swiss chemical weapons experts

July 30, 2018

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, All Rights Reserved  | Adware.Guru;
Back to top button