Microsoft’s July Patch Tuesday has arrived. This month’s batch of security updates contains fixes for 84 total vulnerabilities, including four criticals and one actively exploited zero-day. There are some key flaws addressed in this rollout, such as privilege escalation, remote code execution and security feature bypasses; we recommend looking into the advisories provided by Microsoft and applying the latest updates as soon as possible.
July’s instalment includes patches for some key software such as:
This critical vulnerability exists in the Windows Remote Procedure Call Runtime and could allow a remote attacker to execute arbitrary code on the target system. The CVSS metric states that complexity for this attack is high, meaning the threat actor would need to “invest time in repeated exploitation” in order to succeed.
This is another critical remote code execution vulnerability that resides in the Windows Graphics Component. To exploit this vulnerability, the target user is required to connect to a malicious RDP server where code could be executed in the context of the user. Unlike the previous flaw, attack complexity for this vulnerability is low and can be successfully exploited much easier.
The final two critical vulnerabilities both exist in Windows Network File System, and allow an attacker to remotely execute code on the target system. Exploitation for both flaws requires an unauthenticated specially crafted call to an NFS service. Attack complexity for both flaws is high, with CVE-2022-22039 requiring the attacker to win a race condition.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://msrc.microsoft.com/update-guide/releaseNote/2022-Jul
Security update guide: https://msrc.microsoft.com/update-guide/
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Ironshare is a provider of Information and Cyber Security services.