Site icon TechNewsBoy.com

Microsoft Patch Tuesday fixes 11 critical security vulnerabilities and six zero-days being actively exploited

Image: Getty

Microsoft has released 64 patches addressing security vulnerabilities across its products including 11 flaws which are classed as critical – and six vulnerabilities which are actively being exploited by cyber attackers.  

The security flaws impact Microsoft products including Windows, Microsoft Azure, Microsoft Exchange Server, Microsoft Office and more, some of which have been targeted by malicious hackers for months. 

Two of the critical updates address security vulnerabilities in Microsoft Exchange Server, which have actively been under attack since September – CVE-2022-41028 and CVE-2022-41040. 

CVE-2022-41040 is a server-side request forgery (SSRF) vulnerability, an exploit that allows attackers to make server-side application requests from an unintended location – for example, allowing them to access internal services without being within the perimeter of the network. 

CVE-2022-41082 allows remote code execution when PowerShell is accessible to the attacker. Previously, Microsoft had only released mitigations for the vulnerabilities, but now patches are available, which is applied, can prevent attackers from exploiting them to access networks – and these should be applied as soon as possible. 

Also: The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

Another vulnerability described as both critical and actively being exploited in the wild is CVE-2022-41128, a remote code execution vulnerability in Windows Scripting Languages. To exploit the vulnerability, attackers need to lure victims to specially crafted websites or servers – something which could be achieved with a phishing attack – which they can exploit to run code. 

Microsoft hasn’t detailed how widely exploited this vulnerability is, but it’s likely to be a go-to tool for cyber criminals. 

“Considering it’s a browse-and-own type of scenario, I expect this will be a popular bug to include in exploit kits,” said Dustin Childs of Zero Day Initiative, an scheme with the aim of encouraging the reporting of zero-day vulnerabilities. 

Three of the vulnerabilities classed as ‘important’ are also being exploited by attackers and should be patched as soon as possible. 

These include CVE-2022-41091, a Windows mark of the web (MotW) security feature bypass vulnerability which allows attackers to get around Microsoft Windows defenses which are supposed to identify files coming from an untrusted source by issuing a security warning.  

By exploiting the vulnerability correctly, no alert is issued, meaning the user is unaware that they could be subject to malicious activity. The vulnerability was publicly disclosed in October and can now be patched. 

Another vulnerability being actively exploited which Microsoft’s Patch Tuesday update addresses is CVE-2022-41125 – an elevation of privilege vulnerability in the Windows Cryptography API: Next Generation (CNG) Key Isolation Service. If exploited correctly, the vulnerability allows an attacker to run code. 

The sixth vulnerability known to being used by attackers which is receiving a patch to help protect against exploitation is CVE-2022-41073, a Windows Print Spooler elevation of privilege vulnerability. It represents yet another patch designed to prevent attackers exploiting Print Nightmare flaws which were first disclosed in July last year, but continue to be a popular attack vector for cyber attackers. 

Microsoft hasn’t detailed how widespread attacks going after the three ‘important’ vulnerabilities are. 

It’s recommended that the Microsoft Patch Tuesday updates are applied as soon as possible to prevent malicious hackers from exploiting vulnerabilities – especially when it’s known that several of the flaws are already being actively targeted. 

MORE ON CYBERSECURITY

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version