04.13.2022

Microsoft Patch Tuesday, April 13, 2022

Alert

Date of Notice: 04/13/2022

Action Level - High

Description

Microsoft’s latest security update on Tuesday, April 12, 2022, contains 128 CVEs, with several that are either currently known to be exploited or were publicly known at the time of release.

Notably, CVE-2022-26809 is a potential RCE vulnerability that could be turned into a worm. It is rated Critical and affects all versions of Windows and Windows Server. Microsoft rates this vulnerability as ‘Exploitation More Likely’. Exploitation would require TCP 445 to be reachable, so blocking inbound access on this port could mitigate remote access, though exploitation via lateral movement would still be possible if an attacker gains a foothold on your internal network.

Another notable critical vulnerability is CVE-2022-24497, a potentially wormable bug that affects Windows devices with NFS enabled. As above, though NFS is not typically externally accessible by default, an attacker with a foothold on your network could potentially exploit this vulnerability without user interaction.

Overall, 10 of the CVEs in this cycle are rated Critical. One Important vulnerability is known to be exploited currently, and one other Important vulnerability has been publicly disclosed.

Remediation

Ensure your devices are running current patches per vendor guidance. If you are unable to patch, review the Critical and Disclosed CVEs and explore their specific mitigation options. SANS has a consolidated list here.
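To support the TCP 445 mitigation described above on hosts that cannot be patched yet, the following added example (not part of the original notice and not Microsoft's or MCNC's code) lists the enabled inbound allow rules in Windows Defender Firewall that cover TCP 445 and shows whether each restricts the remote address. The helper name `Test-PortCovered` is hypothetical; the `Get-NetFirewall*` cmdlets are from the built-in NetSecurity module.

```powershell
# Added example: audit Windows Defender Firewall for enabled inbound allow rules
# that cover TCP 445. Run in an elevated PowerShell session on the host.

function Test-PortCovered {
    # Hypothetical helper: true when a rule's LocalPort value(s) include $Port.
    # LocalPort may be 'Any', a single port, a range such as '440-450',
    # or a keyword (e.g. 'RPC'); keywords are treated as not matching.
    param([string[]]$LocalPort, [int]$Port)
    foreach ($entry in $LocalPort) {
        if ($entry -eq 'Any') { return $true }
        if ($entry -match '^(\d+)-(\d+)$') {
            if ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
        } elseif ($entry -match '^\d+$' -and [int]$entry -eq $Port) {
            return $true
        }
    }
    return $false
}

$findings = foreach ($rule in Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow) {
    $portFilter = $rule | Get-NetFirewallPortFilter
    # Protocol is reported as a name ('TCP'), a number ('6'), or 'Any'.
    if ($portFilter.Protocol -notin 'TCP', '6', 'Any') { continue }
    if (-not (Test-PortCovered -LocalPort $portFilter.LocalPort -Port 445)) { continue }

    $addrFilter = $rule | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $rule.Profile
        LocalPort     = $portFilter.LocalPort -join ','
        RemoteAddress = $addrFilter.RemoteAddress -join ','
        # 'Any' as the remote scope means the rule does not restrict the source.
        Unrestricted  = $addrFilter.RemoteAddress -contains 'Any'
    }
}

# Rules with an unrestricted remote scope sort to the top for review.
$findings | Sort-Object Unrestricted -Descending | Format-Table -AutoSize -Wrap
```

By default `Get-NetFirewallRule` reads the local persistent store; add `-PolicyStore ActiveStore` to include rules delivered by Group Policy. This covers the host firewall only, so inbound 445 at the network perimeter still needs to be checked separately.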

MCNC