01.12.2022

Microsoft Patch Alert

Date of Notice: 01/12/2022

Action Level - High

Microsoft's Patch Tuesday release of January 11, 2022, contains 126 CVEs, several of which warrant prompt attention.

Notably, CVE-2022-21907 is a potential RCE vulnerability that could be wormable. It affects Server 2022, 20H2 core, and other versions of Windows 10 and Windows 11 where the trailer feature in http.sys is enabled by default. Server 2019 and Windows 10 v1809 do not have this feature enabled by default.

Three RCE vulnerabilities affecting Exchange are also patched. Although these require the attacker to already be on the same network as the Exchange server, an internal bad actor could exploit them if your network lacks proper segmentation. Further, Microsoft rates the probability of exploitation for these as "More Likely".

Ten privilege escalation vulnerabilities, rated "More Likely" for exploitability, are also patched.

Overall, 9 of these CVEs are rated Critical and 6 have been publicly disclosed. At this time, none of them have public exploits.

Remediation

Ensure your devices are running current patches per vendor guidance. If you are unable to patch, review the Critical and Disclosed CVEs and explore their specific mitigation options. SANS has a consolidated list here.
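As an added check that is not part of the MCNC alert, the following PowerShell script classifies a Windows host against the CVE-2022-21907 exposure described above (trailer support on by default on Server 2022, 20H2 and later Windows 10/11 builds; off by default on Windows 10 v1809 / Server 2019, which share build 17763) and reports the newest installed hotfix as patch evidence. It assumes the registry location and value name of Microsoft's published workaround for this CVE (EnableTrailerSupport under HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters); that value is not on this page, so confirm it against the current MSRC advisory before acting on the result.

```powershell
# Added example (not from the MCNC alert): report this host's exposure to the
# http.sys trailer issue (CVE-2022-21907) and whether any hotfix has been
# installed since the January 2022 Patch Tuesday. The registry value name is
# assumed from Microsoft's published workaround; verify it against MSRC.
function Test-HttpSysTrailerExposure {
    [CmdletBinding()]
    param(
        [datetime]$PatchTuesday = [datetime]'2022-01-11'
    )

    $os    = Get-CimInstance -ClassName Win32_OperatingSystem
    $build = [int]$os.BuildNumber

    # Build 17763 = Windows 10 v1809 / Server 2019: the alert says trailer
    # support is off unless explicitly enabled, so read the registry there.
    $regPath   = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
    $valueName = 'EnableTrailerSupport'
    $reg = Get-ItemProperty -Path $regPath -Name $valueName -ErrorAction SilentlyContinue
    $trailerValue = if ($null -ne $reg) { [int]$reg.$valueName } else { $null }

    $exposure = if ($build -lt 17763) {
        'Build not named in the alert; check vendor guidance'
    } elseif ($build -eq 17763) {
        if ($trailerValue -eq 1) { 'Trailer support explicitly enabled: treat as exposed' }
        else { 'Trailer support not enabled: outside the default-exposed group' }
    } else {
        'Trailer support on by default for this build: exposed until patched'
    }

    # Patch evidence without assuming a KB number: newest hotfix install date.
    $lastHotfix = Get-HotFix |
        Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 1
    $patchedSince = ($null -ne $lastHotfix) -and ($lastHotfix.InstalledOn -ge $PatchTuesday)

    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        OS                = $os.Caption
        Build             = $build
        TrailerRegistry   = if ($null -eq $trailerValue) { 'not set' } else { $trailerValue }
        Exposure          = $exposure
        LastHotfix        = if ($lastHotfix) { "$($lastHotfix.HotFixID) ($($lastHotfix.InstalledOn.ToString('yyyy-MM-dd')))" } else { 'none found' }
        PatchedSinceJan11 = $patchedSince   # confirm the hotfix is the January 2022 cumulative update
    }
}

Test-HttpSysTrailerExposure | Format-List
```

A hotfix dated on or after 2022-01-11 is only evidence, not proof, that the January cumulative update is installed; cross-check the HotFixID against the vendor's update catalog for the host's build.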

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax