{"id":19345,"date":"2022-06-15T06:10:07","date_gmt":"2022-06-15T14:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/06\/15\/news-13078\/"},"modified":"2022-06-15T06:10:07","modified_gmt":"2022-06-15T14:10:07","slug":"news-13078","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/06\/15\/news-13078\/","title":{"rendered":"Update now!\u00a0 Microsoft patches Follina, and many other security updates"},"content":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Wed, 15 Jun 2022 13:17:05 +0000<\/strong><\/p>\n<p>The June 2022 Patch Tuesday may go down in history as the day that <a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/05\/microsoft-office-zero-day-follina-its-not-a-bug-its-a-feature-its-a-bug\/\">Follina<\/a> got patched, but there was a host of other important updates. And not just from Microsoft. Many other software vendors follow the pattern of monthly updates set by the people in Redmond.<\/p>\n<h2>Microsoft<\/h2>\n<p>Microsoft released updates to deal with 60 security vulnerabilities. Undoubtedly the most prominent one is the one that goes by the name of <a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/05\/microsoft-office-zero-day-follina-its-not-a-bug-its-a-feature-its-a-bug\/\">Follina<\/a>. The Edge browser received five of the patched vulnerabilities.<\/p>\n<h3>Follina, or CVE-2022-30190<\/h3>\n<p>A quick recap about Follina. On Monday May 30, 2022, Microsoft issued <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-30190\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2022-30190<\/a> regarding a vulnerability in the Microsoft Support Diagnostic Tool (MSDT) in Windows. 
An in-the-wild exploit used a feature in Word to retrieve an HTML file from a remote server, and that HTML file in turn used MSDT to load code and execute PowerShell commands.<\/p>\n<h3>CVE-2022-30136<\/h3>\n<p>Another critical vulnerability is <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-30136\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2022-30136<\/a>, a bug in NFS 4.1 that could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). This vulnerability concerns a number of Windows Server products and received a\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2020\/05\/how-cvss-works-characterizing-and-scoring-vulnerabilities\/\">CVSS<\/a> score of 9.8 out of 10. Last month, Microsoft fixed a similar vulnerability (<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-26937\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2022-26937<\/a>) affecting NFS v2.0 and v3.0.<\/p>\n<h3>CVE-2022-30139<\/h3>\n<p>Similar is <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-30139\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2022-30139<\/a>, a Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) vulnerability. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. LDAP is a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network. LDAP is a &#8220;lightweight&#8221; (smaller amount of code) version of Directory Access Protocol (DAP). 
In total, seven vulnerabilities in LDAP were found and fixed.<\/p>\n<h3>CVE-2022-30163<\/h3>\n<p>Noteworthy as well is <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2022-30163\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">CVE-2022-30163<\/a>, a\u00a0Windows Hyper-V Remote Code Execution vulnerability that allows an attacker to run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Microsoft Hyper-V is a virtualization platform, which enables administrators to virtualize multiple operating systems to run off the same physical server simultaneously.<\/p>\n<h2>More Microsoft news<\/h2>\n<p>Microsoft has also started to phase out Internet Explorer, but more about that in a <a href=\"https:\/\/blog.malwarebytes.com\/reports\/2022\/06\/its-official-today-you-can-say-goodbye-to-internet-explorer-or-can-you\/\">separate post<\/a>.<\/p>\n<p>And then there was a storm of criticism about the way Microsoft handled the <a href=\"https:\/\/orca.security\/resources\/blog\/synlapse-critical-azure-synapse-analytics-service-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">SynLapse vulnerability<\/a> in Azure Data Factory and Azure Synapse Pipelines. SynLapse is the name for\u00a0a critical bug in Azure\u2019s Synapse service that allowed attackers to obtain credentials to other workspaces, execute code, or leak customer credentials to data sources outside of Azure. Rather than dealing with the vulnerability in a way that closed the gap once and for all, Microsoft chose what researchers called a halfhearted way that was easily bypassed in a following attempt. 
Orca researchers said they were able to bypass Microsoft\u2019s fix for the issue twice before the company put a working fix in place.<\/p>\n<h2>Other vendors<\/h2>\n<p>Adobe has released security updates to address vulnerabilities in <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/06\/14\/adobe-releases-security-updates-multiple-products\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">multiple products<\/a>.<\/p>\n<p><a href=\"https:\/\/confluence.atlassian.com\/doc\/confluence-security-advisory-2022-06-02-1130377146.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Atlassian<\/a> released a patch for the <a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/06\/multiple-adversaries-exploiting-confluence-vulnerability-warns-microsoft\/\">in the wild exploited<\/a> Confluence RCE vulnerability.<\/p>\n<p><a href=\"https:\/\/support.citrix.com\/article\/CTX460016\/citrix-application-delivery-management-security-bulletin-for-cve202227511-and-cve202227512\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Citrix<\/a> fixed two vulnerabilities in Citrix ADM server and Citrix ADM agent.<\/p>\n<p><a href=\"https:\/\/www.drupal.org\/sa-core-2022-011\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Drupal<\/a> fixed two \u201cModerately critical\u201d vulnerabilities.<\/p>\n<p><a href=\"https:\/\/about.gitlab.com\/releases\/2022\/06\/01\/critical-security-release-gitlab-15-0-1-released\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">GitLab<\/a>\u00a0released versions 15.0.1, 14.10.4, and 14.9.5 for GitLab Community Edition (CE) and Enterprise Edition (EE).<\/p>\n<p>Google put out updates for <a href=\"https:\/\/source.android.com\/security\/bulletin\/2022-06-01\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Android<\/a> and <a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/06\/update-chrome-now-four-high-risk-vulnerabilities-found\/\" 
target=\"_blank\" rel=\"noreferrer noopener nofollow\">Chrome<\/a>.<\/p>\n<p><a href=\"https:\/\/dam.sap.com\/mac\/app\/e\/pdf\/preview\/embed\/ucQrx6G?ltr=a&amp;rc=10\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">SAP<\/a> published security notes about some high-priority vulnerabilities.<\/p>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/06\/update-now-microsoft-patches-follina-and-many-other-security-updates\/\">Update now!\u00a0 Microsoft patches Follina, and many other security updates<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/06\/update-now-microsoft-patches-follina-and-many-other-security-updates\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Wed, 15 Jun 2022 13:17:05 +0000<\/strong><\/p>\n<p>Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. 
Time to figure out what needs to be prioritized.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2022\/06\/update-now-microsoft-patches-follina-and-many-other-security-updates\/\">Update now!\u00a0 Microsoft patches Follina, and many other security updates<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11414,26411,20352,21782,26559,26560,26561,26562,26347,18464,22783,26337,25601,1670,20790,25690,26345,26563,19245,21748,26564],"class_list":["post-19345","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-adobe","tag-atlassian","tag-citrix","tag-confluence","tag-cve-2022-26397","tag-cve-2022-30136","tag-cve-2022-30139","tag-cve-2022-30163","tag-cve-2022-30190","tag-drupal","tag-exploits-and-vulnerabilities","tag-follina","tag-gitlab","tag-google","tag-hyper-v","tag-ldap","tag-msdt","tag-nfs","tag-patch-tuesday","tag-sap","tag-synlapse"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19345","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19345"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19345\/revisions"}],"wp:attachment":[{"href
":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19345"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19345"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19345"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}