{"id":18463,"date":"2022-03-09T10:17:04","date_gmt":"2022-03-09T18:17:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/03\/09\/news-12196\/"},"modified":"2022-03-09T10:17:04","modified_gmt":"2022-03-09T18:17:04","slug":"news-12196","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/03\/09\/news-12196\/","title":{"rendered":"Microsoft Patch Tuesday, March 2022 Edition"},"content":{"rendered":"

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000<\/strong><\/p>\n

Microsoft<\/strong> on Tuesday released software updates to plug at least 70 security holes in its Windows<\/strong> operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users, and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.<\/p>\n

\"\"<\/p>\n

Greg Wiseman<\/strong>, product manager at Rapid7<\/strong>, notes that three vulnerabilities fixed this month have been previously disclosed, potentially giving attackers a head start in working out how to exploit them. Those include remote code execution bugs CVE-2022-24512<\/a>, affecting .NET<\/strong> and Visual Studio<\/strong>, and CVE-2022-21990<\/a>, affecting Remote Desktop Client<\/strong>. CVE-2022-24459<\/a> is a vulnerability in the Windows Fax and Scan<\/strong> service. All three publicly disclosed vulnerabilities are rated “Important<\/a>” by Microsoft.<\/p>\n

Just three of the fixes this month earned Microsoft’s most-dire “Critical<\/strong>” rating, which Redmond assigns to bugs that can be exploited to remotely compromise a Windows PC with little to no help from users. Two of those critical flaws involve Windows video codecs. Perhaps the most concerning critical bug quashed this month is CVE-2022-23277<\/a>, a\u00a0 remote code execution flaw affecting Microsoft Exchange Server<\/strong>.<\/p>\n

“Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it,” Wiseman said. “Although passwords can be obtained via phishing and other means, this one shouldn\u2019t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021<\/a>. Exchange administrators should still patch as soon as reasonably possible.”<\/p>\n

CVE-2022-24508<\/a> is a remote code execution bug affecting Windows SMBv3<\/strong>, the technology that handles file sharing in Windows environments.<\/p>\n

“This has potential for widespread exploitation, assuming an attacker can put together a suitable exploit,” Wiseman said. “Luckily, like this month’s Exchange vulnerabilities, this, too, requires authentication.”<\/span><\/p>\n

Kevin Breen<\/strong>, director of cyber threat research at Immersive Labs<\/strong>, called attention to a trio of bugs fixed this month in the Windows Remote Desktop Protocol<\/strong> (RDP), which is a favorite target of ransomware groups.<\/p>\n

CVE-2022-23285<\/a>, CVE-2022-21990<\/a> and CVE-2022-24503<\/a> are a potential concern especially as this infection vector is commonly used by ransomware actors,” Breen said. “While exploitation is not trivial, requiring an attacker to set up bespoke infrastructure, it still presents enough of a risk to be a priority.”<\/p>\n

March’s Patch Tuesday also brings an unusual update (CVE-2022-21967<\/a>) that might just be the first security patch involving Microsoft’s Xbox<\/strong> device.<\/p>\n

\u201cThis appears to be the first security patch impacting Xbox specifically,\u201d said Dustin Childs<\/strong> from Trend Micro’s Zero Day Initiative<\/strong>. \u201cThere was an advisory for an inadvertently disclosed Xbox Live certificate back in 2015, but this seems to be the first security-specific update for the device itself.\u201d<\/p>\n

Also on Tuesday, Adobe released updates<\/a> addressing six vulnerabilities in Adobe Photoshop<\/strong>, Illustrator<\/strong> and After Effects<\/strong>.<\/p>\n

\n

For a complete rundown of all patches released by Microsoft today and indexed by severity and other metrics, check out the\u00a0always-useful Patch Tuesday roundup<\/a>\u00a0from the\u00a0SANS Internet Storm Center<\/strong>. And it\u2019s not a bad idea to hold off updating for a few days until Microsoft works out any kinks in the updates:\u00a0AskWoody.com<\/a>\u00a0usually has the lowdown on any patches that may be causing problems for Windows users.<\/p>\n

As always, please consider backing up your system or at least your important documents and data before applying system updates. And if you run into any problems with these patches, please drop a note about it here in the comments.<\/p>\n<\/p><\/div>\n

https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000<\/strong><\/p>\n

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[25275,25276,25277,25278,25279,25280,25281,25282,24602,21516,24626,24627,25283,25284,15086,23162,16936,25285,25286],"class_list":["post-18463","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-cve-2022-21967","tag-cve-2022-21990","tag-cve-2022-23277","tag-cve-2022-23285","tag-cve-2022-24459","tag-cve-2022-24503","tag-cve-2022-24508","tag-cve-2022-24512","tag-dustin-childs","tag-greg-wiseman","tag-immersive-labs","tag-kevin-breen","tag-microsoft-exchange-server","tag-microsoft-patch-tuesday-march-2022","tag-rapid7","tag-remote-desktop","tag-time-to-patch","tag-trend-micro-zero-day-initiative","tag-windows-smbv3"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18463","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18463"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18463\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18463"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}