Microsoft On Tuesday, we released an update to fix about 120 security vulnerabilities in it. Windows Operating system and other software. Two flaws have been publicly explained in detail earlier this week, and one has already been actively abused, according to reports from. US National Security Agency (NSA).
Of particular concern this month CVE-2022-24521, This is a “elevation of privilege” vulnerability in the Windows common log file system driver. Microsoft said in its recommendation that it received a report from the NSA that the flaw was being aggressively attacked.
“It is not shown how widely the exploit is actually used, but it is still targeted at this time and may not be widely available,” he said. Dustin Childs With Trend Micro’s zero-day initiative. “Patch your system before things change.”
Nine updates pushed this week address issues that Microsoft considers “critical.” This means that the fixed flaws can be exploited by malware and malicious content to deprive Windows systems of full remote access without the help of users.
Some of the most terrifying and serious bugs CVE-2022-26809, Potential “wormable” weaknesses of core Windows components (RPC) I got a CVSS score of 9.8 (10 is the worst). Microsoft said it believes the flaw is likely to be exploited.
Other potentially wormable threats of the month include CVE-2022-24491 When CVE-2022-24497Windows Network file system (NFS) 9.8 A vulnerability that also occurs with a CVSS score and is described as “highly likely to be exploited by Microsoft.”
“These could be the kind of vulnerabilities that appeal to ransomware operators because they provide the potential to expose sensitive data,” he said. Kevin BreenDirector of Cyber Threat Research Immersive Bravo.. “It’s also important to note that the NFS role is not the default configuration for Windows devices for the security team.”
Speaking of worm-possible defects CVE-2022-24500 Is a serious bug in Windows Server message block (SMB).
“This is especially painful as we approach the anniversary of WannaCry, which is famous for its rapid propagation using the EternalBlueSMB vulnerability,” Breen added. “Microsoft recommends blocking TCP port 445 with a perimeter firewall. This is strong advice regardless of this particular vulnerability. This prevents exploitation by attackers in your local network. It will not be done, but it will prevent new attacks originating from the Internet. “
In addition, this month’s Redmond patch batch is Exchange Server, office, SharePoint Server, Windows Hyper-V, DNS server, Skype for Business, ..Net When Visual Studio, Windows App StoreWhen Windows print spooler component.
It usually takes place on the second Tuesday of every month. Adobe Released 4 patches to address 70 vulnerabilities in Acrobat When reader, Photoshop, After EffectsWhen Adobe Commerce..More information about these updates is available Here..
For a complete overview of all patches released today by Microsoft and indexed by severity and other metrics. Always useful patch Tuesday summary from SANS Internet Storm Center.. And it’s not a bad idea to postpone an update for a few days until Microsoft resolves the twist in the update. AskWoody.com There are usually patch details that may be causing problems for Windows users.
As always, consider backing up your system or at least important documents and data before applying a system update. Also, if you run into problems with these patches, please leave a note in the comments.