We're back with another round of Patch Tuesday updates from Microsoft. With a total of 97 vulnerabilities this month separated between 88 important and 9 critical, it looks like this month is full on security improvements. While 6 vulnerabilities have been publicly disclosed, surprisingly not one has been noted as exploited in the wild.
This month release covers security updates for key components including:
Important Notes
CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability
This critical vulnerability would allow a hacker to run arbitrary code on a Windows 10, 11, Server 2019 and Server 2022 machine. Although is not currently known to have been exploited, MS are urging immediate patching due to its wormable nature (meaning it can be used to spread throughout a vulnerable network, without human interaction). This vulnerability has a CVSS score of 9.8 making it the most severe of all the vulnerabilities being patched in this update.
CVE-2022-21846: Microsoft Exchange Server Remote Code Execution Vulnerability
With a CVSS score of 9.0 this critical vulnerability would allow the hackers to run their code within a Microsoft Exchange Server. Microsoft notes although the vulnerability poses a greater threat than most this would require a lot more work to exploit than other vulnerabilities.
CVE-2022-21840: Microsoft Office Remote Code Execution Vulnerability
Another critical vulnerability listed in this issue of patch Tuesday is CVE-2022-21840. This is another remote code execution vulnerability that would allow a hacker to run their code on your system. This vulnerability is said to affect all supported versions of Office and SharePoint Server.
CVE-2022-21919: Windows User Profile Service Elevation of Privilege Vulnerability
This vulnerability was a workaround for a previous patch CVE-2021-34484 which allowed the elevation of privilege to increase allowed permissions. This is a common starting vulnerability for hackers to get greater access within your device. The severity of this vulnerability is rated important and with a CVSS score of 7.0
Software patches are essential to keeping any device secure from potential threats. We highly recommend that you update these as soon as possible given the high-risk HTTPS protocol stack and Office vulnerabilities posing serious security concerns.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://msrc.microsoft.com/update-guide/releaseNote/2022-Jan
Security update guide: https://msrc.microsoft.com/update-guide/
Windows Server Update Prevents Hyper-V From Starting and Causes DC Boot Loop - January 13
New Windows Server updates cause DC boot loops, break Hyper-V (bleepingcomputer.com)
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
