{"id":18234,"date":"2022-02-09T05:10:18","date_gmt":"2022-02-09T13:10:18","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/02\/09\/news-11967\/"},"modified":"2022-02-09T05:10:18","modified_gmt":"2022-02-09T13:10:18","slug":"news-11967","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/02\/09\/news-11967\/","title":{"rendered":"Update now! Firefox and Adobe updates are more critical than Microsoft\u2019s"},"content":{"rendered":"<p><strong>Credit to Author: Pieter Arntz | Date: Wed, 09 Feb 2022 12:10:20 +0000<\/strong><\/p>\n<p>The most critical updates for this \u201cPatch Tuesday\u201d come from Firefox and Adobe. While Microsoft addresses 70 vulnerabilities in its February 2022 Patch Tuesday release, none of them are ranked as critical. Firefox and Adobe, however, have fixed a few issues that could be qualified as critical.<\/p>\n<p>Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). Let\u2019s have a look at the ones that jumped out at us.<\/p>\n<h2>Firefox<\/h2>\n<p><a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2022-04\/\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">Mozilla<\/a> fixed a dozen security vulnerabilities in its Firefox browser. The two most important ones are both permissions issues:<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-22753\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-22753<\/a> A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access. This bug only affects Firefox on Windows. 
Other operating systems are unaffected.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-22754\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-22754<\/a> If a user installed an extension of a particular type, the extension could have auto-updated itself and, while doing so, bypassed the prompt that grants the new version the new requested permissions.<\/li>\n<\/ul>\n<p>Two other vulnerabilities were classified as high. Those two are both memory safety bugs that, with enough effort, could have been exploited to run arbitrary code. These vulnerabilities were found by Mozilla developers.<\/p>\n<h2>Adobe<\/h2>\n<p><a href=\"https:\/\/helpx.adobe.com\/security\/security-bulletin.html\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">Adobe<\/a> released updates to fix 17 CVEs affecting Premiere Rush, Illustrator, Photoshop, After Effects, and Creative Cloud Desktop. Of these 17 vulnerabilities, five are rated as critical.<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-23203\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-23203<\/a> A buffer overflow vulnerability that could lead to arbitrary code execution in Photoshop 2021 and Photoshop 2022 for Windows and macOS.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-23186\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-23186<\/a> An out-of-bounds write vulnerability that could lead to arbitrary code execution in Illustrator 2021 and Illustrator 2022 for Windows and macOS.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-23188\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-23188<\/a> A buffer overflow vulnerability that could lead to arbitrary code execution in Illustrator 2021 and Illustrator 2022 for Windows and macOS.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-23200\" 
rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-23200<\/a> An out-of-bounds write vulnerability that could lead to arbitrary code execution in Adobe After Effects 18.4.3, 22.1.1 and\u202fearlier versions for Windows and macOS.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-23202\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-23202<\/a> Uncontrolled search path element vulnerability that could lead to arbitrary code execution in the Creative Cloud Desktop Application installer 2.7.0.13 and earlier versions on Windows.<\/li>\n<\/ul>\n<h2>Microsoft<\/h2>\n<p>Even though no\u00a0Microsoft vulnerabilities were listed as critical, there are a few that deserve some attention.<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-21989\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-21989<\/a> a Windows Kernel elevation-of-privilege vulnerability. According to the Microsoft <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-21989\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">advisory<\/a>, successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. But in such a case, a successful attack could be performed from a low privilege <a href=\"https:\/\/docs.microsoft.com\/windows\/win32\/secauthz\/appcontainer-isolation\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">AppContainer<\/a>. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-21996\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-21996<\/a> a Win32k elevation of privilege vulnerability listed as more likely to be exploited. 
The exploitation is known to be easy. The attack may be initiated remotely, but requires simple authentication for exploitation.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-22005\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-22005<\/a> a Microsoft SharePoint Server Remote Code Execution vulnerability. The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability. This permission, however, is often present for an authenticated user.<\/li>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-21984\" rel=\"noreferrer noopener nofollow\" target=\"_blank\">CVE-2022-21984<\/a> a Windows DNS Server Remote Code Execution vulnerability. The server is only affected if dynamic updates are enabled, but this is a relatively common configuration. An attacker might take control of your <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2015\/09\/dns-hijacks-what-to-look-for\/\">DNS<\/a> and execute code with elevated privileges if you have this set up in your environment.<\/li>\n<\/ul>\n<p>Given the number of stolen login credentials available, organizations shouldn&#8217;t disregard the vulnerabilities that require authentication, especially where it concerns public-facing servers. We hope this quick summary makes it easier for you to prioritize your updating jobs.<\/p>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/02\/update-now-firefox-and-adobe-updates-are-more-critical-than-microsofts\/\">Update now! 
Firefox and Adobe updates are more critical than Microsoft\u2019s<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/02\/update-now-firefox-and-adobe-updates-are-more-critical-than-microsofts\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Wed, 09 Feb 2022 12:10:20 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/02\/update-now-firefox-and-adobe-updates-are-more-critical-than-microsofts\/' title='Update now! Firefox and Adobe updates are more critical than Microsoft\u2019s'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2021\/05\/patch.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>Patch Tuesday for February 2022 comes with some critical updates from Firefox and Adobe, while Microsoft keeps it cool after the January hustle.<\/p>\n<p>Categories: <a href=\"https:\/\/blog.malwarebytes.com\/category\/exploits-and-vulnerabilities\/\" rel=\"category tag\">Exploits and vulnerabilities<\/a><\/p>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-21984\/\" rel=\"tag\">cve-2022-21984<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-21989\/\" rel=\"tag\">cve-2022-21989<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-21996\/\" rel=\"tag\">cve-2022-21996<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-22005\/\" rel=\"tag\">cve-2022-22005<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-22752\/\" rel=\"tag\">cve-2022-22752<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-23186\/\" rel=\"tag\">cve-2022-23186<\/a><a 
href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-23188\/\" rel=\"tag\">cve-2022-23188<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-23200\/\" rel=\"tag\">cve-2022-23200<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-23202\/\" rel=\"tag\">cve-2022-23202<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2022-23203\/\" rel=\"tag\">cve-2022-23203<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2202-22754\/\" rel=\"tag\">cve-2202-22754<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/firefox\/\" rel=\"tag\">firefox<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mozilla\/\" rel=\"tag\">mozilla<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/patch-tuesday\/\" rel=\"tag\">patch tuesday<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/02\/update-now-firefox-and-adobe-updates-are-more-critical-than-microsofts\/' title='Update now! Firefox and Adobe updates are more critical than Microsoft\u2019s'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/02\/update-now-firefox-and-adobe-updates-are-more-critical-than-microsofts\/\">Update now! 
Firefox and Adobe updates are more critical than Microsoft\u2019s<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[24897,24889,24890,24891,24898,24899,24900,24901,24902,24903,24904,22783,11122,13271,19245],"class_list":["post-18234","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cve-2022-21984","tag-cve-2022-21989","tag-cve-2022-21996","tag-cve-2022-22005","tag-cve-2022-22752","tag-cve-2022-23186","tag-cve-2022-23188","tag-cve-2022-23200","tag-cve-2022-23202","tag-cve-2022-23203","tag-cve-2202-22754","tag-exploits-and-vulnerabilities","tag-firefox","tag-mozilla","tag-patch-tuesday"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18234"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18234\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18234"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tag
s?post=18234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}