Microsoft Patch Tuesday: 9th March 2022

The latest instalment of Microsoft Patch Tuesday has much to offer, with 71 new vulnerabilities being patched alongside the 21 addressed for Microsoft Edge earlier this month. Included in this issue of Patch Tuesday are 3 critical vulnerabilities, with the remaining 68 were labelled as important. While 3 of the flaws have been publicly disclosed, none appear to have been exploited in the wild.

This month’s release covers security updates for key components including:

  • Microsoft 365 Apps
  • Windows Defender
  • .NET
  • Remote Desktop Client
  • Visual Studio
  • Microsoft Intune
  • HEVC Video Extension

Important Notes

CVE-2022-22006: HEVC Video Extensions Remote Code Execution Vulnerability

With a CVSS of 7.8, this critical remote code execution vulnerability exists in the HEVC Video Extension product and can only be exploited by an authenticated user. Exploitation requires the victim to open a video file containing malicious code; this allows the code to execute on the target machine.

CVE-2022-24501: VP9 Video Extensions Remote Code Execution Vulnerability

Similar to the previous vulnerability this leverages a video format to use as a means of executing arbitrary code. This critical vulnerability also scores 7.8. Unlike in the previous vulnerability, this video format is supported by modern browsers making it an easier method for users to execute.

CVE-2022-23277: Microsoft Exchange Server Remote Code Execution Vulnerability

This critical vulnerability scoring 8.8 could allow an authenticated attacker to utilise the elevated permissions of another account through the use of objects in memory being handled incorrectly allowing for code execution. 

CVE-2022-21990: Remote Desktop Client Remote Code Execution Vulnerability

Although not labelled as critical by Microsoft, with a CVSS score of 8.8, this vulnerability shouldn’t be overlooked. This vulnerability requires the target to actively connect to a malicious RDP server, typically through social engineering; from here the attacker to execute code through a vulnerability within the remote desktop client. This vulnerability has been seen in the wild and is known to be utilised to gain access to a system and infect it with ransomware. 

For a full list of this month’s updates please see the links below:

Patch Tuesday release notes:

Security update guide:

Follow us on social media:

Ironshare – Security Simplified