You are currently viewing Microsoft January 2022 Patch Tuesday Addresses 97 Vulnerabilities Including Six Zero-Day

Microsoft January 2022 Patch Tuesday Addresses 97 Vulnerabilities Including Six Zero-Day

  • Post author:
  • Reading time:21 mins read

Microsoft’s January 2022 Patch Tuesday security patch includes a total of 97 vulnerabilities detected, including six zero-day with nine classified as Critical and then 88 as Important. Furthermore, the products covered in January’s security update include Microsoft Office, Microsoft Windows, Microsoft Office, Microsoft Edge, Microsoft Dynamics, Microsoft Exchange Server, Windows Defender, Windows RDP, Windows Direct X, etc. A patch management software can fix these vulnerabilities.

None of the Vulnerabilities are actively exploited. However, having a vulnerability management tool is essential.

Zero-day Vulnerabilities

  • CVE-2021-22947Open Source Curl Remote Code Execution Vulnerability was found in the curl before 7.79.0. This flaw allows for Man-in-The-Middle (MITM) attacks. In addition, using this vulnerability, an attacker can inject fake response data over POP3 and IMAP.
  • CVE-2021-36976Libarchive Remote Code Execution Vulnerability. Similarly, a use-after-free flaw found in libarchive in the copy_string function which leads to RCE.
  • CVE-2022-21874Windows Security Center API Remote Code Execution Vulnerability. However, this flaw can be exploited remotely and doesn’t require any form of authentication.
  • CVE-2022-21919Windows User Profile Service Elevation of Privilege Vulnerability. This flaw occurs due to an error when handling a maliciously crafted file. However, an attacker can exploit this vulnerability remotely and leverage their privileges on vulnerable systems.
  • CVE-2022-21839Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability. The flaw exists due to insufficient validation of user-supplied input. Moreover, a local attacker can pass specially crafted input, leading to a DOS attack.
  • CVE-2022-21836Windows Certificate Spoofing Vulnerability. The flaw exists due to incorrect processing of user-supplied data in the Windows Certificate. However, this flaw was publicly disclosed, and compromised certificates have been added to the Windows kernel driver block list.

Critical Vulnerabilities in Microsoft January 2022 Patch Tuesday

  • CVE-2022-21846Microsoft Exchange Server Remote Code Execution Vulnerability. Furthermore, this flaw has been rated as CVSSv3 score of 9.0 out of 10. According to Microsoft, these vulnerabilities require adjacent attacks, meaning “it cannot simply be done across the internet, but instead needs something specifically tied to the target.”
  • CVE-2022-21840Microsoft Office Remote Code Execution Vulnerability. However, for exploiting this vulnerability, an attacker needs some interaction with the victim as exploitation needs the victim to open a malicious file. Successful exploitation will lead to Remote Code Execution.
  • CVE-2022-21917 HEVC Video Extensions Remote Code Execution Vulnerability. Moreover, for exploitation, authentication and user interaction are required.
  • CVE-2022-21857 Active Directory Domain Services Elevation of Privilege Vulnerability. In addition, an attacker can exploit this vulnerability remotely and leverage their privileges on vulnerable systems.
  • CVE-2022-21898, CVE-2022-21912DirectX Graphics Kernel Remote Code Execution Vulnerability. The flaw exists due to improper input validation. In addition, an attacker can send a specially crafted request and then execute arbitrary code on the target system. Furthermore, successful exploitation will lead to complete system compromise.
  • CVE-2022-21907HTTP Protocol Stack Remote Code Execution Vulnerability. Moreover, this flaw can be exploited remotely and doesn’t require any form of authentication.
  • CVE-2022-21833 – Virtual Machine IDE Drive Elevation of Privilege Vulnerability. However, an attacker can exploit this vulnerability remotely and leverage their privileges on vulnerable systems.

Microsoft security bulletin summary for January 2022

  • Windows Remote Desktop
  • Windows Installer
  • Windows Defender
  • Microsoft Teams
  • Microsoft Windows Codecs Library
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Windows Storage
  • Windows Storage Spaces Controller
  • Windows System Launcher
  • Windows Task Flow Data Engine
  • Windows Tile Data Repository
  • Windows UEFI
  • .NET Framework

Product: Microsoft Windows
CVEs/Advisory: CVE-2021-22947, CVE-2021-36976, CVE-2022-21833, CVE-2022-21834, CVE-2022-21835, CVE-2022-21836, CVE-2022-21838, CVE-2022-21839, CVE-2022-21843, CVE-2022-21847, CVE-2022-21848, CVE-2022-21849, CVE-2022-21850, CVE-2022-21851, CVE-2022-21852, CVE-2022-21857, CVE-2022-21858, CVE-2022-21859, CVE-2022-21860, CVE-2022-21861, CVE-2022-21862, CVE-2022-21863, CVE-2022-21864, CVE-2022-21865, CVE-2022-21866, CVE-2022-21867, CVE-2022-21868, CVE-2022-21869, CVE-2022-21870, CVE-2022-21871, CVE-2022-21872, CVE-2022-21873, CVE-2022-21874, CVE-2022-21875, CVE-2022-21876, CVE-2022-21877, CVE-2022-21878, CVE-2022-21879, CVE-2022-21880, CVE-2022-21881, CVE-2022-21882, CVE-2022-21883, CVE-2022-21884, CVE-2022-21885, CVE-2022-21887, CVE-2022-21888, CVE-2022-21889, CVE-2022-21890, CVE-2022-21892, CVE-2022-21893, CVE-2022-21894, CVE-2022-21895, CVE-2022-21896, CVE-2022-21897, CVE-2022-21898, CVE-2022-21899, CVE-2022-21900, CVE-2022-21901, CVE-2022-21902, CVE-2022-21903, CVE-2022-21904, CVE-2022-21905, CVE-2022-21906, CVE-2022-21907, CVE-2022-21908, CVE-2022-21910, CVE-2022-21912, CVE-2022-21913, CVE-2022-21914, CVE-2022-21915, CVE-2022-21916, CVE-2022-21918, CVE-2022-21919, CVE-2022-21920, CVE-2022-21921, CVE-2022-21922, CVE-2022-21924, CVE-2022-21925, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass and then Spoofing
KBs: 5009543, 5009545, 5009546, 5009555, 5009557, 5009566, 5009585, 5009586, 5009595, 5009619, 5009624

Product: Microsoft Office
CVEs/Advisory: CVE-2022-21837, CVE-2022-21840, CVE-2022-21841, CVE-2022-21842
Impact: Remote Code Execution
KBs: 5001995, 5002052, 5002057, 5002060, 5002064, 5002102, 5002108, 5002109, 5002110, 5002111, 5002113, 5002114, 5002115, 5002116, 5002118, 5002119, 5002122, 5002124, 5002127, 5002128, 5002129

Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2022-21846, CVE-2022-21855, CVE-2022-2196
Impact: Remote Code Execution
KBs: 5008631

Product: Microsoft Edge (Chromium-based)
CVEs/Advisory: CVE-2022-21970, CVE-2022-0120, CVE-2022-0118, CVE-2022-0117, CVE-2022-0116, CVE-2022-0115, CVE-2022-0114, CVE-2022-0113, CVE-2022-0112, CVE-2022-0111, CVE-2022-0110, CVE-2022-0109, CVE-2022-0108, CVE-2022-0107, CVE-2022-0106, CVE-2022-0105, CVE-2022-0104, CVE-2022-0103, CVE-2022-0102, CVE-2022-0101, CVE-2022-0100, CVE-2022-0099, CVE-2022-0098, CVE-2022-0097, CVE-2022-0096, CVE-2022-21954, CVE-2022-21931, CVE-2022-21930, CVE-2022-21929
Impact: Elevation of Privilege, Remote Code Execution

However, SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Finally, use SanerNow and keep your systems updated and secure.

Share this article
Tags: , , ,