Microsoft has released March 2022 Patch Tuesday security updates with a total of 92 vulnerabilities, which include 3 Zero-Days, 3 CVEs rated as critical, and the rest as important. The Zero days are not known to be actively exploited in attacks, and all the 3 Critical vulnerabilities are Remote Code Execution. However, the products covered in March’s security updates include Windows Remote Desktop, Windows Codecs library, Microsoft Edge, Windows Kernel, etc. In fact, Microsoft Edge, with 21 CVEs, holds the highest number of vulnerabilities addressed this month with the help of vulnerability manager. It is essential to have an automated patch management software to remediate these kinds of vulnerabilities.
Zero-day Vulnerabilities in Microsoft March 2022 Patch Tuesday
These are the vulnerabilities uncovered during March 2022 Patch Tuesday
CVE-2022-21990 – Remote Desktop Client Remote Code Execution Vulnerability. Moreover, an attacker can perform the Remote Code Execution in the vulnerable remote desktop clients connected to the server in control of an attacker.
CVE-2022-24459 – Windows Fax and Scan Service Elevation of Privilege Vulnerability. However, the loosely imposed security restrictions in Windows Fax and Scan Service lead to security restrictions bypass and privilege escalation. In this case, successful exploitation allows a local user to escalate privileges on the system.
CVE-2022-24512 – .NET and Visual Studio Remote Code Execution Vulnerability. The vulnerability is caused due to improper input validation in .NET and Visual Studio, which leads to remote code execution.
A good vulnerability management tool can prevent these attacks from occuring.
Critical Vulnerabilities
CVE-2022-23277 – Microsoft Exchange Server Remote Code Execution. However, microsoft Exchange Server versions 2013, 2016, and 2019.. are vulnerable to a remote code execution. said, “An authenticated attacker can attempt to trigger malicious code in the context of the server’s account through a network call”.
Microsoft security bulletin summary for March 2022
-
- Windows Kernel
-
- Microsoft Exchange Server
-
- Windows Remote Desktop
-
- Windows Media
-
- Azure Site Recovery
-
- Microsoft Office
-
- Microsoft Windows
- Microsoft Windows
-
- Visual Studio Code
-
- Windows Security Support Provider Interface
-
- Windows SMB Server
-
- Windows HTML Platform
-
- Windows Installer
Products affected by Microsoft March 2022 Patch Tuesday:
Product: Microsoft Windows
CVEs/Advisory: CVE-2022-23283, CVE-2022-23293, CVE-2022-23288, CVE-2022-24525, CVE-2022-23287, CVE-2022-24503, CVE-2022-24455, CVE-2022-24454, CVE-2022-24459, CVE-2022-24502, CVE-2022-23299, CVE-2022-23298, CVE-2022-23294, CVE-2022-23290, CVE-2022-23285, CVE-2022-23284, CVE-2022-23291, CVE-2022-24460, CVE-2022-23281, CVE-2022-23297, CVE-2022-23296, CVE-2022-22010, CVE-2022-21977, CVE-2022-24508, CVE-2022-24507, CVE-2022-23253, CVE-2022-21990, CVE-2022-21975, CVE-2022-21967, CVE-2022-21973, CVE-2022-24505, CVE-2022-23286
Impact: Elevation of Privilege, Information Disclosure, Security Feature Bypass, Remote Code Execution and then Denial of Service
KB’s : 5011491, 5011487, 5011493, 5011495, 5011485, 5011503, 5011564, 5011560, 5011552, 5011529, 5011486
Severity: Important
Product: Azure Site Recovery VMWare to Azure
CVEs/Advisory: CVE-2022-24519, CVE-2022-24518, CVE-2022-24470, CVE-2022-24467, CVE-2022-24515, CVE-2022-24506, CVE-2022-24469, CVE-2022-24517, CVE-2022-24468, CVE-2022-24471, CVE-2022-24520
Impact: Elevation of Privilege, Remote Code Execution.
Severity: Important
Product: Microsoft Visual Studio
CVEs/Advisory: CVE-2020-8927, CVE-2022-24512, CVE-2022-24464
Impact: Remote Code Execution, Denial of Service
Severity: Important
Product: Microsoft Office
CVEs/Advisory: CVE-2022-24511, CVE-2022-24462, CVE-2022-24461, CVE-2022-24510, CVE-2022-24509
Impact: Tampering, Security Feature Bypass, Remote Code Execution.
Severity: Important
However, SanerNow VMand SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. Finally, use SanerNow and keep your systems updated and secure.