Microsoft January 2022 Patch Tuesday Addresses 97 Vulnerabilities Including Six Zero-Day

Microsoft has released its January Patch Tuesday security updates, addressing a total of 97 vulnerabilities, including six zero-days, with nine classified as Critical and 88 as Important. The products covered in January’s security update include Microsoft Office, Microsoft Windows, Microsoft Edge, Microsoft Dynamics, Microsoft Exchange Server, Windows Defender, Windows RDP, Windows DirectX, etc.

None of the vulnerabilities has been actively exploited.


Zero-day Vulnerabilities

CVE-2021-22947 Open Source Curl Remote Code Execution Vulnerability. The flaw was found in curl before 7.79.0 and allows man-in-the-middle (MITM) attacks. Using this vulnerability, an attacker can inject fake response data over POP3 and IMAP.

CVE-2021-36976 Libarchive Remote Code Execution Vulnerability. A use-after-free flaw was found in the copy_string function of libarchive, which leads to RCE.

CVE-2022-21874 Windows Security Center API Remote Code Execution Vulnerability. This flaw can be exploited remotely and doesn’t require any form of authentication.

CVE-2022-21919 Windows User Profile Service Elevation of Privilege Vulnerability. This flaw occurs due to an error when handling a maliciously crafted file. An attacker can exploit this vulnerability remotely and elevate their privileges on vulnerable systems.

CVE-2022-21839 Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability. The flaw exists due to insufficient validation of user-supplied input. A local attacker can pass specially crafted input, leading to a denial-of-service (DoS) condition.

CVE-2022-21836 Windows Certificate Spoofing Vulnerability. The flaw exists due to incorrect processing of user-supplied data in the Windows Certificate. This flaw was publicly disclosed, and compromised certificates have been added to the Windows kernel driver block list.


Critical Vulnerabilities

CVE-2022-21846 Microsoft Exchange Server Remote Code Execution Vulnerability. This flaw has a CVSSv3 score of 9.0 out of 10. According to Microsoft, these vulnerabilities require adjacent attacks, meaning “it cannot simply be done across the internet, but instead needs something specifically tied to the target.”

CVE-2022-21840 Microsoft Office Remote Code Execution Vulnerability. To exploit this vulnerability, an attacker needs some interaction with the victim, because exploitation requires the victim to open a malicious file. Successful exploitation leads to remote code execution.

CVE-2022-21917 HEVC Video Extensions Remote Code Execution Vulnerability. For exploitation, authentication and user interaction are required.

CVE-2022-21857 Active Directory Domain Services Elevation of Privilege Vulnerability. An attacker can exploit this vulnerability remotely and elevate their privileges on vulnerable systems.

CVE-2022-21898, CVE-2022-21912 DirectX Graphics Kernel Remote Code Execution Vulnerability. The flaw exists due to improper input validation. An attacker can send a specially crafted request and execute arbitrary code on the target system. Successful exploitation will lead to complete system compromise.

CVE-2022-21907 HTTP Protocol Stack Remote Code Execution Vulnerability. This flaw can be exploited remotely and doesn’t require any form of authentication.

CVE-2022-21833 – Virtual Machine IDE Drive Elevation of Privilege Vulnerability. An attacker can exploit this vulnerability remotely and elevate their privileges on vulnerable systems.


Microsoft security bulletin summary for January 2022

  • Windows Remote Desktop
  • Windows Installer
  • Windows Defender
  • Microsoft Teams
  • Microsoft Windows Codecs Library
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Windows Storage
  • Windows Storage Spaces Controller
  • Windows System Launcher
  • Windows Task Flow Data Engine
  • Windows Tile Data Repository
  • Windows UEFI
  • .NET Framework

Product: Microsoft Windows
CVEs/Advisory: CVE-2021-22947, CVE-2021-36976, CVE-2022-21833, CVE-2022-21834, CVE-2022-21835, CVE-2022-21836, CVE-2022-21838, CVE-2022-21839, CVE-2022-21843, CVE-2022-21847, CVE-2022-21848, CVE-2022-21849, CVE-2022-21850, CVE-2022-21851, CVE-2022-21852, CVE-2022-21857, CVE-2022-21858, CVE-2022-21859, CVE-2022-21860, CVE-2022-21861, CVE-2022-21862, CVE-2022-21863, CVE-2022-21864, CVE-2022-21865, CVE-2022-21866, CVE-2022-21867, CVE-2022-21868, CVE-2022-21869, CVE-2022-21870, CVE-2022-21871, CVE-2022-21872, CVE-2022-21873, CVE-2022-21874, CVE-2022-21875, CVE-2022-21876, CVE-2022-21877, CVE-2022-21878, CVE-2022-21879, CVE-2022-21880, CVE-2022-21881, CVE-2022-21882, CVE-2022-21883, CVE-2022-21884, CVE-2022-21885, CVE-2022-21887, CVE-2022-21888, CVE-2022-21889, CVE-2022-21890, CVE-2022-21892, CVE-2022-21893, CVE-2022-21894, CVE-2022-21895, CVE-2022-21896, CVE-2022-21897, CVE-2022-21898, CVE-2022-21899, CVE-2022-21900, CVE-2022-21901, CVE-2022-21902, CVE-2022-21903, CVE-2022-21904, CVE-2022-21905, CVE-2022-21906, CVE-2022-21907, CVE-2022-21908, CVE-2022-21910, CVE-2022-21912, CVE-2022-21913, CVE-2022-21914, CVE-2022-21915, CVE-2022-21916, CVE-2022-21918, CVE-2022-21919, CVE-2022-21920, CVE-2022-21921, CVE-2022-21922, CVE-2022-21924, CVE-2022-21925, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing
KBs: 5009543, 5009545, 5009546, 5009555, 5009557, 5009566, 5009585, 5009586, 5009595, 5009619, 5009624


Product: Microsoft Office
CVEs/Advisory: CVE-2022-21837, CVE-2022-21840, CVE-2022-21841, CVE-2022-21842
Impact: Remote Code Execution
KBs: 5001995, 5002052, 5002057, 5002060, 5002064, 5002102, 5002108, 5002109, 5002110, 5002111, 5002113, 5002114, 5002115, 5002116, 5002118, 5002119, 5002122, 5002124, 5002127, 5002128, 5002129


Product: Microsoft Exchange Server
CVEs/Advisory: CVE-2022-21846, CVE-2022-21855, CVE-2022-2196
Impact: Remote Code Execution
KBs: 5008631


Product: Microsoft Edge (Chromium-based)
CVEs/Advisory: CVE-2022-21970, CVE-2022-0120, CVE-2022-0118, CVE-2022-0117, CVE-2022-0116, CVE-2022-0115, CVE-2022-0114, CVE-2022-0113, CVE-2022-0112, CVE-2022-0111, CVE-2022-0110, CVE-2022-0109, CVE-2022-0108, CVE-2022-0107, CVE-2022-0106, CVE-2022-0105, CVE-2022-0104, CVE-2022-0103, CVE-2022-0102, CVE-2022-0101, CVE-2022-0100, CVE-2022-0099, CVE-2022-0098, CVE-2022-0097, CVE-2022-0096, CVE-2022-21954, CVE-2022-21931, CVE-2022-21930, CVE-2022-21929
Impact: Elevation of Privilege, Remote Code Execution
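
One way to check a Windows host against the Windows KBs listed in the summary above. This is an added example, not code from SecPod or Microsoft. The function name Test-January2022Update and the release date of 11 January 2022 are assumptions that do not appear on the page; the KB numbers are copied from the "Product: Microsoft Windows" entry. Because cumulative updates are superseded by later ones, a host patched after January will not show these KB numbers, so the function also reports any security update installed on or after the release date.

```powershell
# KB numbers copied from the "Product: Microsoft Windows" entry on this page.
$JanuaryKbs = 5009543, 5009545, 5009546, 5009555, 5009557, 5009566,
              5009585, 5009586, 5009595, 5009619, 5009624 |
              ForEach-Object { "KB$_" }

# Assumption: January 2022 Patch Tuesday release date (not stated on the page).
$ReleaseDate = [datetime]'2022-01-11'

# Hypothetical helper name, introduced for this example only.
function Test-January2022Update {
    param([string]$ComputerName = $env:COMPUTERNAME)

    $hotfixes = @(Get-HotFix -ComputerName $ComputerName)

    # Direct hit: one of the KBs listed for January 2022 is installed.
    $direct = @($hotfixes | Where-Object { $JanuaryKbs -contains $_.HotFixID })

    # Later security updates may supersede the January KBs.
    # InstalledOn can be empty on some systems, so guard against $null.
    $later = @($hotfixes | Where-Object {
        $_.Description -eq 'Security Update' -and
        $_.InstalledOn -and $_.InstalledOn -ge $ReleaseDate -and
        $JanuaryKbs -notcontains $_.HotFixID
    })

    if ($direct.Count -gt 0) {
        $status = 'January 2022 KB installed'
    } elseif ($later.Count -gt 0) {
        $status = 'Later security update installed; confirm it supersedes the January KBs'
    } else {
        $status = 'No January 2022 or later security update found'
    }

    [pscustomobject]@{
        ComputerName = $ComputerName
        Status       = $status
        JanuaryKbs   = ($direct.HotFixID -join ', ')
        LaterUpdates = ($later.HotFixID -join ', ')
    }
}

Test-January2022Update
```

The listed KBs cover different Windows versions, so a single host is expected to match at most a few of them. Office and Exchange updates are not all reported by Get-HotFix and need a separate check.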


SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Use SanerNow and keep your systems updated and secure.
