Microsoft Patch Tuesday: May 2022

Included in the latest Patch Tuesday are 73 new vulnerability patches; 6 critical, 2 publicly disclosed and 1 exploited in the wild. This is a decrease of 44 compared to last month’s Patch Tuesday release.

May’s instalment includes patches for some key software such as:

  • .NET and Visual Studio
  • Microsoft Edge
  • Microsoft Exchange Server
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office SharePoint
  • Role: Windows Fax Service
  • Role: Windows Hyper-V
  • Visual Studio
  • Windows Active Directory
  • Windows Remote Desktop

Important Notes

CVE-2022-26925: Windows LSA Spoofing Vulnerability

This is an important vulnerability affecting Windows Local Security Authority, part of the Windows Client Authentication Architecture which authenticates and creates a logon Session to the Local Computer. This could allow a hacker to produce a man-in-the-middle attack on domain controllers to authenticate the hacker. This vulnerability has been reported to be publicly disclosed and exploited in the wild.

CVE-2022-26937: Windows Network File System Remote Code Execution Vulnerability

With a critical CVSS of 9.8, a hacker could remotely execute code with a system using the windows NFS service by sending a specially crafted call all while remaining unauthenticated. This could allow a hacker a foothold to access a system by deploying a backdoor. Luckily, this vulnerability hasn’t been seen in the wild nor is it publicly disclosed.

CVE-2022-26923: Active Directory Domain Services Elevation of Privilege Vulnerability

Another critical vulnerability in this month’s line-up, with a CVSS of 8.8 exploiting this vulnerability would allow an authenticated user to manipulate attributes on computer accounts they own or manage and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege.

CVE-2022-22713: Windows Hyper-V Denial of Service Vulnerability

This important vulnerability with a CVSS of 5.6 would allow a hacker to manipulate an input to a Hyper-V component causing a Denial of Service. Successful exploitation of this vulnerability requires a hacker to win a race condition. This vulnerability has been publicly disclosed.

For a full list of this month’s updates please see the links below:

Patch Tuesday release notes:

Security update guide:

Ironshare – Security Simplified