Microsoft April 2022 Patch Tuesday (Tue, Apr 12th)

This month we got patches for 145 vulnerabilities. Of these, 10 are critical, 1 was previously disclosed, and one is already being exploited according to Microsoft.

The exploited vulnerability is an Elevation of Privilege in the Windows Common Log File System Driver (CVE-2022-24521). The advisory gives no details about the vulnerability. It is rated as important and has a CVSS of 7.80.

Among the critical vulnerabilities, there is a Remote Code Execution (RCE) affecting the Windows Network File System (CVE-2022-24497). To exploit this vulnerability, an attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could enable remote code execution. The vulnerability is only exploitable on systems that have the NFS role enabled. More information about NFS is available at https://docs.microsoft.com/en-us/windows-server/storage/nfs/nfs-overview and information about installing and uninstalling roles and role services is available at https://docs.microsoft.com/en-us/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features#install-roles-role-services-and-features-by-using-the-add-roles-and-features-wizard

But there’s another, even more worrying vulnerability: an RCE affecting the Remote Procedure Call Runtime (CVE-2022-26809). According to the advisory, exploitation of this vulnerability could result in remote code execution on the server side with the same permissions as the RPC service. The vulnerability requires no user interaction and no privileges, has a low attack complexity, and the attack vector is network. Due to those characteristics, this is a potentially wormable vulnerability. The mitigation for the vulnerability is blocking port TCP/445 or protecting it as much as possible, mainly from access coming from the Internet. The exploitability is ‘More Likely’, but no exploitation has been detected according to Microsoft. The CVSS is 9.80.
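The two exposure conditions named above (the NFS role for CVE-2022-24497 and reachable TCP/445 for CVE-2022-26809) can be checked on a host. The PowerShell below is an added example, not part of the original diary or of Microsoft's advisory; its function names are hypothetical, it assumes the Server for NFS feature `FS-NFS-Service` is the role in question, and it inspects only the host's Windows Defender Firewall rules, not perimeter devices.

```powershell
# Added example (not from the diary): local exposure check for the two
# conditions above. Function names are hypothetical. Run elevated.

function Test-NfsServerRole {
    # Get-WindowsFeature ships with Windows Server only; $null = unknown.
    if (-not (Get-Command Get-WindowsFeature -ErrorAction SilentlyContinue)) {
        return $null
    }
    # Assumption: 'FS-NFS-Service' (Server for NFS) is the role in question.
    $feature = Get-WindowsFeature -Name 'FS-NFS-Service'
    return [bool]($feature -and $feature.Installed)
}

function Test-PortSpecCovers445 {
    param([string[]]$Spec)
    foreach ($s in $Spec) {
        if ($s -eq 'Any' -or $s -eq '445') { return $true }
        # Port ranges are written as "low-high".
        if ($s -match '^(\d+)-(\d+)$' -and
            [int]$Matches[1] -le 445 -and [int]$Matches[2] -ge 445) { return $true }
    }
    return $false
}

function Get-UnscopedSmbInboundRule {
    # Enabled inbound Allow rules that cover TCP/445 with no remote-address
    # restriction. Host firewall only; perimeter filtering is not visible here.
    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $port = $_ | Get-NetFirewallPortFilter
            $addr = $_ | Get-NetFirewallAddressFilter
            $isTcp   = $port.Protocol -in @('TCP', '6', 'Any')
            $anyAddr = @($addr.RemoteAddress) -contains 'Any'
            if ($isTcp -and $anyAddr -and (Test-PortSpecCovers445 $port.LocalPort)) {
                [pscustomobject]@{
                    Rule          = $_.DisplayName
                    Profile       = $_.Profile
                    LocalPort     = $port.LocalPort -join ','
                    RemoteAddress = $addr.RemoteAddress -join ','
                }
            }
        }
}

$nfs = Test-NfsServerRole
"NFS server role installed: $(if ($null -eq $nfs) { 'unknown (not a Server SKU)' } else { $nfs })"
$rules = @(Get-UnscopedSmbInboundRule)
"Inbound Allow rules exposing TCP/445 to any remote address: $($rules.Count)"
$rules | Format-Table -AutoSize
```

A rule listed here matters only for the firewall profiles that are active on the host, so read the `Profile` column against the network the interface is actually on.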

The already disclosed vulnerability affects the Windows User Profile Service (CVE-2022-26904). According to the advisory, despite not requiring user interaction, the attack complexity for this vulnerability is high. The vulnerability’s exploitability is ‘More Likely’ and its CVSS is 7.00.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

April 2022 Security Updates

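Each vulnerability description below is followed by one row per CVE, with these columns:
CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG)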
.NET Framework Denial of Service Vulnerability
%%cve:2022-26832%% No No Less Likely Less Likely Important 7.5 6.5
Azure SDK for .NET Information Disclosure Vulnerability
%%cve:2022-26907%% No No Less Likely Less Likely Important 5.3 4.8
Azure Site Recovery Information Disclosure Vulnerability
%%cve:2022-26896%% No No Less Likely Less Likely Important 4.9 4.3
%%cve:2022-26897%% No No Less Likely Less Likely Important 4.9 4.3
Azure Site Recovery Remote Code Execution Vulnerability
%%cve:2022-26898%% No No Less Likely Less Likely Important 7.2 6.3
Chromium: CVE-2022-1125 Use after free in Portals
%%cve:2022-1125%% No No    
Chromium: CVE-2022-1127 Use after free in QR Code Generator
%%cve:2022-1127%% No No    
Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API
%%cve:2022-1128%% No No    
Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode
%%cve:2022-1129%% No No    
Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP
%%cve:2022-1130%% No No    
Chromium: CVE-2022-1131 Use after free in Cast UI
%%cve:2022-1131%% No No    
Chromium: CVE-2022-1133 Use after free in WebRTC
%%cve:2022-1133%% No No    
Chromium: CVE-2022-1134 Type Confusion in V8
%%cve:2022-1134%% No No    
Chromium: CVE-2022-1135 Use after free in Shopping Cart
%%cve:2022-1135%% No No    
Chromium: CVE-2022-1136 Use after free in Tab Strip
%%cve:2022-1136%% No No    
Chromium: CVE-2022-1137 Inappropriate implementation in Extensions
%%cve:2022-1137%% No No    
Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor
%%cve:2022-1138%% No No    
Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API
%%cve:2022-1139%% No No    
Chromium: CVE-2022-1143 Heap buffer overflow in WebUI
%%cve:2022-1143%% No No    
Chromium: CVE-2022-1145 Use after free in Extensions
%%cve:2022-1145%% No No    
Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing
%%cve:2022-1146%% No No    
Chromium: CVE-2022-1232 Type Confusion in V8
%%cve:2022-1232%% No No    
Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
%%cve:2022-24489%% No No Less Likely Less Likely Important 7.8 6.8
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
%%cve:2022-24479%% No No Less Likely Less Likely Important 7.8 6.8
DiskUsage.exe Remote Code Execution Vulnerability
%%cve:2022-26830%% No No Less Likely Less Likely Important 7.5 6.5
GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account
%%cve:2022-24767%% No No Less Likely Less Likely Important    
GitHub: Uncontrolled search for the Git directory in Git for Windows
%%cve:2022-24765%% No No Less Likely Less Likely Important    
HEVC Video Extensions Remote Code Execution Vulnerability
%%cve:2022-24532%% No No Less Likely Less Likely Important 7.8 6.8
Local Security Authority (LSA) Elevation of Privilege Vulnerability
%%cve:2022-24496%% No No Less Likely Less Likely Important 7.8 6.8
Microsoft Defender Denial of Service Vulnerability
%%cve:2022-24548%% No No Less Likely Less Likely Important 5.5 4.8
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
%%cve:2022-23259%% No No Less Likely Less Likely Critical 8.8 7.7
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
%%cve:2022-24475%% No No Less Likely Less Likely Important 8.3 7.2
%%cve:2022-26891%% No No Less Likely Less Likely Important 8.3 7.2
%%cve:2022-26894%% No No Less Likely Less Likely Important 8.3 7.2
%%cve:2022-26895%% No No Less Likely Less Likely Important 8.3 7.2
%%cve:2022-26900%% No No Less Likely Less Likely Important 8.3 7.2
%%cve:2022-26908%% No No Less Likely Less Likely Important 8.3 7.2
%%cve:2022-26909%% No No Less Likely Less Likely Moderate 8.3 7.2
%%cve:2022-26912%% No No Less Likely Less Likely Moderate 8.3 7.2
Microsoft Edge (Chromium-based) Spoofing Vulnerability
%%cve:2022-24523%% No No Less Likely Less Likely Moderate 4.3 3.8
Microsoft Excel Remote Code Execution Vulnerability
%%cve:2022-24473%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26901%% No No Less Likely Less Likely Important 7.8 6.8
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
%%cve:2022-24493%% No No Less Likely Less Likely Important 5.5 4.8
Microsoft Power BI Spoofing Vulnerability
%%cve:2022-23292%% No No Less Likely Less Likely Important 5.9 5.2
Microsoft SharePoint Server Spoofing Vulnerability
%%cve:2022-24472%% No No Less Likely Less Likely Important 8.0 7.0
PowerShell Elevation of Privilege Vulnerability
%%cve:2022-26788%% No No Less Likely Less Likely Important 7.8 6.8
Remote Desktop Protocol Remote Code Execution Vulnerability
%%cve:2022-24533%% No No Less Likely Less Likely Important 8.0 7.0
Remote Procedure Call Runtime Remote Code Execution Vulnerability
%%cve:2022-24528%% No No Less Likely Less Likely Important 8.8 7.7
%%cve:2022-24492%% No No Less Likely Less Likely Important 8.8 7.7
%%cve:2022-26809%% No No More Likely More Likely Critical 9.8 8.5
Skype for Business Information Disclosure Vulnerability
%%cve:2022-26911%% No No Less Likely Less Likely Important 6.5 5.7
Skype for Business and Lync Spoofing Vulnerability
%%cve:2022-26910%% No No Less Likely Less Likely Important 5.3 4.6
Visual Studio Code Elevation of Privilege Vulnerability
%%cve:2022-26921%% No No Less Likely Less Likely Important 7.3 6.4
Visual Studio Elevation of Privilege Vulnerability
%%cve:2022-24513%% No No Less Likely Less Likely Important 7.8 6.8
Win32 File Enumeration Remote Code Execution Vulnerability
%%cve:2022-24485%% No No Less Likely Less Likely Important 7.5 6.5
Win32 Stream Enumeration Remote Code Execution Vulnerability
%%cve:2022-21983%% No No Less Likely Less Likely Important 7.5 6.5
%%cve:2022-24534%% No No Less Likely Less Likely Important 7.5 6.5
Win32k Elevation of Privilege Vulnerability
%%cve:2022-26914%% No No More Likely More Likely Important 7.8 7.0
Windows ALPC Elevation of Privilege Vulnerability
%%cve:2022-24482%% No No Less Likely Less Likely Important 7.0 6.1
%%cve:2022-24540%% No No Less Likely Less Likely Important 7.0 6.1
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
%%cve:2022-24494%% No No Less Likely Less Likely Important 7.8 6.8
Windows AppX Package Manager Elevation of Privilege Vulnerability
%%cve:2022-24549%% No No Less Likely Less Likely Important 7.8 6.8
Windows Bluetooth Driver Elevation of Privilege Vulnerability
%%cve:2022-26828%% No No Less Likely Less Likely Important 7.0 6.1
Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
%%cve:2022-24484%% No No Less Likely Less Likely Important 5.5 4.8
%%cve:2022-24538%% No No Less Likely Less Likely Important 6.5 5.7
%%cve:2022-26784%% No No Less Likely Less Likely Important 6.5 5.7
Windows Common Log File System Driver Elevation of Privilege Vulnerability
%%cve:2022-24521%% No Yes Detected Detected Important 7.8 7.2
%%cve:2022-24481%% No No More Likely More Likely Important 7.8 6.8
Windows DNS Server Information Disclosure Vulnerability
%%cve:2022-26816%% No No Less Likely Less Likely Important 6.5 5.7
Windows DNS Server Remote Code Execution Vulnerability
%%cve:2022-26811%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26812%% No No Less Likely Less Likely Important 7.2 6.5
%%cve:2022-26813%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-24536%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26814%% No No Less Likely Less Likely Important 6.6 5.9
%%cve:2022-26815%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26817%% No No Less Likely Less Likely Important 6.6 5.8
%%cve:2022-26818%% No No Less Likely Less Likely Important 6.6 5.8
%%cve:2022-26819%% No No Less Likely Less Likely Important 6.6 5.8
%%cve:2022-26820%% No No Less Likely Less Likely Important 6.6 5.8
%%cve:2022-26821%% No No Less Likely Less Likely Important 6.6 5.8
%%cve:2022-26822%% No No Less Likely Less Likely Important 6.6 5.8
%%cve:2022-26823%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26824%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26825%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26826%% No No Less Likely Less Likely Important 7.2 6.3
%%cve:2022-26829%% No No Less Likely Less Likely Important 6.6 5.9
Windows DWM Core Library Elevation of Privilege Vulnerability
%%cve:2022-24546%% No No More Likely More Likely Important 7.8 6.8
Windows Desktop Bridge Elevation of Privilege Vulnerability
%%cve:2022-24488%% No No Less Likely Less Likely Important 7.8 6.8
Windows Digital Media Receiver Elevation of Privilege Vulnerability
%%cve:2022-24547%% No No More Likely More Likely Important 7.8 6.8
Windows Direct Show – Remote Code Execution Vulnerability
%%cve:2022-24495%% No No Less Likely Less Likely Important 7.0 6.1
Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability
%%cve:2022-24527%% No No Less Likely Less Likely Important 7.8 6.8
Windows Fax Compose Form Remote Code Execution Vulnerability
%%cve:2022-26916%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26917%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26918%% No No Less Likely Less Likely Important 7.8 6.8
Windows File Explorer Elevation of Privilege Vulnerability
%%cve:2022-26808%% No No Less Likely Less Likely Important 7.0 6.1
Windows File Server Resource Management Service Elevation of Privilege Vulnerability
%%cve:2022-26810%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26827%% No No Less Likely Less Likely Important 7.0 6.1
Windows Graphics Component Information Disclosure Vulnerability
%%cve:2022-26920%% No No Less Likely Less Likely Important 5.5 4.8
Windows Graphics Component Remote Code Execution Vulnerability
%%cve:2022-26903%% No No Less Likely Less Likely Important 7.8 6.8
Windows Hyper-V Denial of Service Vulnerability
%%cve:2022-23268%% No No Less Likely Less Likely Important 6.5 5.7
Windows Hyper-V Remote Code Execution Vulnerability
%%cve:2022-22008%% No No Less Likely Less Likely Critical 7.8 6.8
%%cve:2022-22009%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-23257%% No No Less Likely Less Likely Critical 8.8 7.7
%%cve:2022-24537%% No No Less Likely Less Likely Critical 7.8 6.8
Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
%%cve:2022-24490%% No No Less Likely Less Likely Important 8.1 7.1
%%cve:2022-24539%% No No Less Likely Less Likely Important 8.1 7.1
%%cve:2022-26783%% No No Less Likely Less Likely Important 6.5 5.7
%%cve:2022-26785%% No No Less Likely Less Likely Important 6.5 5.7
Windows Installer Elevation of Privilege Vulnerability
%%cve:2022-24530%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-24499%% No No Less Likely Less Likely Important 7.8 6.8
Windows Kerberos Elevation of Privilege Vulnerability
%%cve:2022-24486%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-24544%% No No Less Likely Less Likely Important 7.8 6.8
Windows Kerberos Remote Code Execution Vulnerability
%%cve:2022-24545%% No No Less Likely Less Likely Important 8.1 7.1
Windows Kernel Information Disclosure Vulnerability
%%cve:2022-24483%% No No Less Likely Less Likely Important 5.5 4.8
Windows LDAP Denial of Service Vulnerability
%%cve:2022-26831%% No No Less Likely Less Likely Important 7.5 6.5
Windows LDAP Remote Code Execution Vulnerability
%%cve:2022-26919%% No No Less Likely Less Likely Critical 8.1 7.1
Windows Local Security Authority (LSA) Remote Code Execution Vulnerability
%%cve:2022-24487%% No No Less Likely Less Likely Important 8.8 7.7
Windows Network File System Remote Code Execution Vulnerability
%%cve:2022-24491%% No No More Likely More Likely Critical 9.8 8.5
%%cve:2022-24497%% No No More Likely More Likely Critical 9.8 8.5
Windows Print Spooler Elevation of Privilege Vulnerability
%%cve:2022-26786%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26787%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26789%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26790%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26791%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26792%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26793%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26794%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26795%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26796%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26797%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26798%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26801%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26802%% No No Less Likely Less Likely Important 7.8 6.8
%%cve:2022-26803%% No No Less Likely Less Likely Important 7.8 6.8
Windows SMB Remote Code Execution Vulnerability
%%cve:2022-24500%% No No Less Likely Less Likely Critical 8.8 7.7
Windows Secure Channel Denial of Service Vulnerability
%%cve:2022-26915%% No No Less Likely Less Likely Important 7.5 6.5
Windows Server Service Remote Code Execution Vulnerability
%%cve:2022-24541%% No No Less Likely Less Likely Critical 8.8 7.7
Windows Telephony Server Elevation of Privilege Vulnerability
%%cve:2022-24550%% No No Less Likely Less Likely Important 7.8 6.8
Windows Upgrade Assistant Remote Code Execution Vulnerability
%%cve:2022-24543%% No No Less Likely Less Likely Important 7.8 6.8
Windows User Profile Service Elevation of Privilege Vulnerability
%%cve:2022-26904%% Yes No More Likely More Likely Important 7.0 6.5
Windows Win32k Elevation of Privilege Vulnerability
%%cve:2022-24474%% No No More Likely More Likely Important 7.8 6.8
%%cve:2022-24542%% No No More Likely More Likely Important 7.8 6.8
Windows Work Folder Service Elevation of Privilege Vulnerability
%%cve:2022-26807%% No No Less Likely Less Likely Important 7.0 6.1
Windows iSCSI Target Service Information Disclosure Vulnerability
%%cve:2022-24498%% No No Less Likely Less Likely Important 6.5 5.7
YARP Denial of Service Vulnerability
%%cve:2022-26924%% No No Less Likely Less Likely Important 7.5 6.5


Renato Marinho
Morphus Labs

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
