Cookie Consent by Free Privacy Policy Generator โœ… Expertenwissen รผber das Thema "Windows"

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š The April 2022 Security Update Review


๐Ÿ’ก Newskategorie: Hacking
๐Ÿ”— Quelle: thezdi.com

Another Patch Tuesday is upon, and Adobe and Microsoft have released a bevy of new security updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.

Adobe Patches for April 2022

For April, Adobe released four updates addressing 70 CVEs in Acrobat and Reader, Photoshop, After Effects, and Adobe Commerce. The update for Acrobat and Reader is by far the largest, with 62 CVEs being addressed. A total of 54 of these CVEs were reported through the ZDI program, with ZDI vulnerability analyst Mat Powell responsible for 27 of these. The more severe vulnerabilities being fixed are the Critical-Rated Use-After-Free (UAF) and Out-of-Bounds (OOB) Write bugs. These could allow an attacker to execute code on a target system if they can convince a user to open a specially crafted PDF document. There are 13 CVEs fixed in the patch for Photoshop, and all of these were reported through the ZDI program. All the vulnerabilities addressed by this patch address Critical-rated code execution bugs. Again, an attacker would need to convince a user to open a specially crafted file to gain code execution.

The update for After Effects addresses two Critical-rated CVEs that could allow for code execution. Both bugs are listed as stack-based buffer overflows. Finally, the patch for Adobe Commerce fixes a single, Critical-rated vulnerability. Adobe rates this as a CVSS 9.1, but they also point out authentication would be required to exploit this bug. They also note admin privileges are required, so the high CVSS is somewhat puzzling. Still, if youโ€™re using Commerce, test and deploy this patch as soon as you are able.

None of the bugs fixed by Adobe this month are listed as publicly known or under active attack at the time of release.

Microsoft Patches for April 2022

This month, Microsoft released 128 new patches addressing CVEs in Microsoft Windows and Windows Components, Microsoft Defender and Defender for Endpoint, Microsoft Dynamics, Microsoft Edge (Chromium-based), Exchange Server, Office and Office Components, SharePoint Server, Windows Hyper-V, DNS Server, Skype for Business, .NET and Visual Studio, Windows App Store, and Windows Print Spooler Components. This is in addition to the 17 CVEs consumed from the Chromium Open-Source Software (OSS) by Microsoft Edge (Chromium-based), which brings the April total to 145 CVEs.

Of the 128 new CVEs released today, 10 are rated Critical, 115 are rated Important, and three are rated Moderate in severity. A total of six of these bugs came through the ZDI program. This large volume of patches hasnโ€™t been seen since the fall of 2020. However, this level is similar to what we saw in the first quarter of last year.

One of the bugs patched is listed as under active exploit this month, and one other is listed as publicly known at the time of release. Letโ€™s take a closer look at some of the more interesting updates for this month, starting with a Critical-rated bug that could prove wormable:

-ย ย ย ย ย ย  CVE-2022-26809 - RPC Runtime Library Remote Code Execution Vulnerability
This bug is rated as a CVSS 9.8, and the exploit index notes exploitation is more likely. The vulnerability could allow a remote attacker to executed code at high privileges on an affected system. Since no user interaction is required, these factors combine to make this wormable, at least between machine where RPC can be reached. However, the static port used here (TCP port 135) is typically blocked at the network perimeter. Still, this bug could be used for lateral movement by an attacker. Definitely test and deploy this one quickly.

-ย ย ย ย ย ย  CVE-2022-24491/24497 โ€“ Windows Network File System Remote Code Execution Vulnerability
Speaking of nearly wormable bugs, these two NFS vulnerabilities also rate a 9.8 CVSS and are listed as exploitation more likely. On systems where the NFS role is enabled, a remote attacker could execute their code on an affected system with high privileges and without user interaction. Again, that adds up to a wormable bug โ€“ at least between NFS servers. Similar to RPC, this is often blocked at the network perimeter. However, Microsoft does provide guidance on how the RPC port multiplexer (port 2049) โ€œis firewall-friendly and simplifies deployment of NFS.โ€ Check your installations and roll out these patches rapidly.

-ย ย ย ย ย ย  CVE-2022-26815 - Windows DNS Server Remote Code Execution Vulnerability
This vulnerability is the most severe of the 18(!) DNS Server bugs receiving patches this month. This bug is also very similar to one patched back in February, which makes one wonder if this bug is the result of a failed patch. There are a couple of important mitigations to point out here. The first is that dynamic updates must be enabled for a server to be affected by this bug. The CVSS also lists some level of privileges to exploit. Still, any chance of an attacker getting RCE on a DNS server is one too many, so get your DNS servers patched.

-ย ย ย ย ย ย  CVE-2022-26904 - Windows User Profile Service Elevation of Privilege Vulnerability
This is one of the publicly known bugs patched this month, and not only is PoC out there for it, thereโ€™s a Metasploit module as well. This privilege escalation vulnerability allows an attacker to gain code execution at SYSTEM level on affected systems. They would, of course, need some level privileges before they could escalate. Thatโ€™s why these types of bugs are often paired with code execution bugs like the ones in Adobe Reader (mentioned above) to completely take over a system.

Hereโ€™s the full list of CVEs released by Microsoft for April 2022:

CVE Title Severity CVSS Public Exploited Type
CVE-2022-24521 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 No Yes EoP
CVE-2022-26904 Windows User Profile Service Elevation of Privilege Vulnerability Important 7 Yes No EoP
CVE-2022-23259 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability Critical 8.8 No No RCE
CVE-2022-26809 RPC Runtime Library Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2022-22008 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.7 No No RCE
CVE-2022-23257 Windows Hyper-V Remote Code Execution Vulnerability Critical 8.6 No No RCE
CVE-2022-24537 Windows Hyper-V Remote Code Execution Vulnerability Critical 7.7 No No RCE
CVE-2022-26919 Windows LDAP Remote Code Execution Vulnerability Critical 8.1 No No RCE
CVE-2022-24491 Windows Network File System Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2022-24497 Windows Network File System Remote Code Execution Vulnerability Critical 9.8 No No RCE
CVE-2022-24541 Windows Server Service Remote Code Execution Vulnerability Critical 8.8 No No RCE
CVE-2022-24500 Windows SMB Remote Code Execution Vulnerability Critical 8.8 No No RCE
CVE-2022-26832 .NET Framework Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2022-26907 Azure SDK for .NET Information Disclosure Vulnerability Important 5.3 No No Info
CVE-2022-26896 Azure Site Recovery Elevation of Privilege Vulnerability Important 4.9 No No EoP
CVE-2022-26897 Azure Site Recovery Elevation of Privilege Vulnerability Important 4.9 No No EoP
CVE-2022-26898 Azure Site Recovery Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-24489 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24479 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26830 DiskUsage.exe Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-24767 GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account Important Unknown No No EoP
CVE-2022-24765 GitHub: Uncontrolled search for the Git directory in Git for Windows Important Unknown No No EoP
CVE-2022-24532 HEVC Video Extensions Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-24496 Local Security Authority (LSA) Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability Important 5.5 No No DoS
CVE-2022-24475 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important 8.3 No No EoP
CVE-2022-26891 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important 8.3 No No EoP
CVE-2022-26894 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important 8.3 No No EoP
CVE-2022-26895 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important 8.3 No No EoP
CVE-2022-26900 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important 8.3 No No EoP
CVE-2022-26908 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important 8.3 No No EoP
CVE-2022-24473 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-26901 Microsoft Excel Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-26924 YARP Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2022-24493 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2022-23292 Microsoft Power BI Spoofing Vulnerability Important 7.1 No No Spoofing
CVE-2022-24472 Microsoft SharePoint Server Spoofing Vulnerability Important 8 No No Spoofing
CVE-2022-26788 PowerShell Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24533 Remote Desktop Protocol Remote Code Execution Vulnerability Important 8 No No RCE
CVE-2022-24492 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2022-24528 Remote Procedure Call Runtime Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2022-26910 Skype for Business and Lync Spoofing Vulnerability Important 5.3 No No Spoofing
CVE-2022-26911 Skype for Business Information Disclosure Vulnerability Important 6.5 No No Info
CVE-2022-26921 Visual Studio Code Elevation of Privilege Vulnerability Important Unknown No No EoP
CVE-2022-24513 Visual Studio Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24485 Win32 File Enumeration Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-21983 Win32 Stream Enumeration Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-24534 Win32 Stream Enumeration Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-26914 Win32k Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24482 Windows ALPC Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2022-24540 Windows ALPC Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2022-24494 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24549 Windows AppX Package Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26828 Windows Bluetooth Driver Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2022-24484 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Important 5.5 No No DoS
CVE-2022-24538 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Important 6.5 No No DoS
CVE-2022-26784 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability Important 6.5 No No DoS
CVE-2022-24481 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24488 Windows Desktop Bridge Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24547 Windows Digital Media Receiver Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24495 Windows Direct Show - Remote Code Execution Vulnerability Important 7 No No RCE
CVE-2022-26816 Windows DNS Server Information Disclosure Vulnerability Important 4.9 No No Info
CVE-2022-24536 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26811 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26812 Windows DNS Server Remote Code Execution Vulnerability Important 6.7 No No RCE
CVE-2022-26813 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26814 Windows DNS Server Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-26815 Windows DNS Server Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2022-26817 Windows DNS Server Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-26818 Windows DNS Server Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-26819 Windows DNS Server Remote Code Execution Vulnerability Important 6.6 No No RCE
CVE-2022-26820 Windows DNS Server Remote Code Execution Vulnerability Important 6.6 No No RCE
CVE-2022-26821 Windows DNS Server Remote Code Execution Vulnerability Important 6.6 No No RCE
CVE-2022-26822 Windows DNS Server Remote Code Execution Vulnerability Important 6.6 No No RCE
CVE-2022-26823 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26824 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26825 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26826 Windows DNS Server Remote Code Execution Vulnerability Important 7.2 No No RCE
CVE-2022-26829 Windows DNS Server Remote Code Execution Vulnerability Important 7.5 No No RCE
CVE-2022-24546 Windows DWM Core Library Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24527 Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26916 Windows Fax Compose Form Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-26917 Windows Fax Compose Form Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-26918 Windows Fax Compose Form Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-26808 Windows File Explorer Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2022-26810 Windows File Server Resource Management Service Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26827 Windows File Server Resource Management Service Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2022-26920 Windows Graphics Component Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2022-26903 Windows Graphics Component Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-23268 Windows Hyper-V Denial of Service Vulnerability Important 6.5 No No DoS
CVE-2022-22009 Windows Hyper-V Remote Code Execution Vulnerability Important 7.7 No No RCE
CVE-2022-24490 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability Important 8.1 No No Info
CVE-2022-24539 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability Important 8.1 No No Info
CVE-2022-26783 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability Important 6.5 No No Info
CVE-2022-26785 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability Important 6.5 No No Info
CVE-2022-24499 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24530 Windows Installer Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24498 Windows iSCSI Target Service Information Disclosure Vulnerability Important 6.5 No No Info
CVE-2022-24486 Windows Kerberos Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24544 Windows Kerberos Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24545 Windows Kerberos Remote Code Execution Vulnerability Important 8.1 No No RCE
CVE-2022-24483 Windows Kernel Information Disclosure Vulnerability Important 5.5 No No Info
CVE-2022-26831 Windows LDAP Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2022-24487 Windows Local Security Authority (LSA) Remote Code Execution Vulnerability Important 8.8 No No RCE
CVE-2022-26786 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26787 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26789 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26790 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26791 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26792 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26793 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26794 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26795 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26796 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26797 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26798 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26801 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26802 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26803 Windows Print Spooler Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26915 Windows Secure Channel Denial of Service Vulnerability Important 7.5 No No DoS
CVE-2022-24550 Windows Telephony Server Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24543 Windows Upgrade Assistant Remote Code Execution Vulnerability Important 7.8 No No RCE
CVE-2022-24474 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-24542 Windows Win32k Elevation of Privilege Vulnerability Important 7.8 No No EoP
CVE-2022-26807 Windows Work Folder Service Elevation of Privilege Vulnerability Important 7 No No EoP
CVE-2022-26909 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate 8.3 No No EoP
CVE-2022-26912 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Moderate 8.3 No No EoP
CVE-2022-24523 Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate 4.3 No No EoP
CVE-2022-1129 * Chromium: Inappropriate implementation in Full Screen Mode High N/A No No RCE
CVE-2022-1128 * Chromium: Inappropriate implementation in Web Share API High N/A No No RCE
CVE-2022-1130 * Chromium: Insufficient validation of untrusted input in WebOTP High N/A No No RCE
CVE-2022-1134 * Chromium: Type Confusion in V8 High N/A No No RCE
CVE-2022-1232 * Chromium: Type Confusion in V8 High N/A No No RCE
CVE-2022-1131 * Chromium: Use after free in Cast UI High N/A No No RCE
CVE-2022-1125 * Chromium: Use after free in Portals High N/A No No RCE
CVE-2022-1127 * Chromium: Use after free in QR Code Generator High N/A No No RCE
CVE-2022-1133 * Chromium: Use after free in WebRTC High N/A No No RCE
CVE-2022-1143 * Chromium: Heap buffer overflow in WebUI Medium N/A No No RCE
CVE-2022-1139 * Chromium: Inappropriate implementation in Background Fetch API Medium N/A No No N/A
CVE-2022-1137 * Chromium: Inappropriate implementation in Extensions Medium N/A No No N/A
CVE-2022-1138 * Chromium: Inappropriate implementation in Web Cursor Medium N/A No No N/A
CVE-2022-1145 * Chromium: Use after free in Extensions Medium N/A No No RCE
CVE-2022-1135 * Chromium: Use after free in Shopping Cart Medium N/A No No RCE
CVE-2022-1136 * Chromium: Use after free in Tab Strip Medium N/A No No RCE
CVE-2022-1146 * Chromium: Inappropriate implementation in Resource Timing Low N/A No No EoP

* Indicates this CVE had previously been released by a 3rd-party and is now being incorporated into Microsoft products.

We should also call attention CVE-2022-24521, which is a bug in the Windows Common Log File System Driver and listed as under active attack. Since this vulnerability only allows a privilege escalation, it is likely paired with a separate code execution bug. We should also point out that this was reported by the National Security Agency. Itโ€™s not stated how widely the exploit is being used in the wild, but itโ€™s likely still targeted at this point and not broadly available. Go patch your systems before that situation changes.

Looking at the remaining Critical-rated bugs patched this month, there are three RCE vulnerabilities impacted the Hyper-V server. In these cases, someone on a guest OS could gain code execution on the underlying host OS. Thereโ€™s a bug in the LDAP service thatโ€™s remote and does not require user interaction. However, to be affected, the default setting for MaxReceiveBuffer LDAP setting must be changed. This isnโ€™t something thatโ€™s commonly tweaked, but if your environment has this setting, pay attention to this one. There are Critical patches for SMB and the Server service. In both cases, a user must connect to a malicious share, which would typically require some form of social engineering โ€“ like a link in an email or instant message. This is yet another port (TCP 445) that should be blocked at the perimeter. Finally, thereโ€™s an update for Microsoft Dynamics 365 (on prem). This vulnerability requires a user to run a specially crafted trusted solution package to execute arbitrary SQL commands. This would allow an attacker to escalate and execute commands with the privileges of the db_owner.

Moving on to the Important-rated patches, the first that stand out are the bunches of fixes for some all too familiar components. Weโ€™ve already mentioned the 18 fixes for the DNS Server component. Most of these have multiple mitigations, but many could allow remote code execution. Thereโ€™s one info disclosure bug thrown in there for good measure. Despite this component being around for years, it seems there are still bugs to find. There are also 15 patches for the Print Spooler this month. Ever since PrintNightmare last year, print spooler bugs seem to just keep coming. It makes sense as the printing system is complex and offers attackers a broad attack surface. Letโ€™s hope these patches donโ€™t cause the types of problems introduced by some the other printer-related patches. And when it comes to large groups of patches, there are a mountain of CVEs affecting the Edge (Chromium-based) browser as well. Most of these bugs were patched by Google and consumed by Edge earlier this month. However, this demonstrates the risk of everyone relying on the same browser platform. A bug in one is now shared by many. ย 

In total, there are 47 patches to correct RCE bugs in this monthโ€™s patch. Beyond those already mentioned, thereโ€™s yet another RDP client bug that would allow code execution if a user connected to a malicious RDP server. If that sounds familiar, there was a similar bug last month (and more going back months prior). There are a few open-and-own bug in Office components, most notably Excel. The chances of people applying patches to Excel before April 15 seem low, so letโ€™s hope these bugs donโ€™t get exploited. There are a couple of intriguing bugs affecting Win32 file enumeration, although these also require a user to connect to a malicious server or share. There hasnโ€™t been much research on this component, so it will be interesting to see if further bugs are found. Finally, thereโ€™s an RCE in Kerberos, but to be affected, the system needs Restricted Admin or Windows Defender Remote Credential Guard enabled on a box with Remote Desktop Connections configured. Itโ€™s not clear how common this configuration is, but you should check your systems and apply the update as needed.

The April release includes 59 patches to address Elevation of Privilege (EoP) bugs this month. For the most part, these are in Windows components and would need to be paired with an RCE to allow an attacker to take over a system. A few do stand out. The first is a vulnerability in the Windows Telephony Server that was reported by ZDI vulnerability researcher Simon Zuckerbraun. This flaw exists within the CreateObjectHandler COM object. Crafted method invocations on this object can trigger the deserialization of untrusted data. There are also a pair of bugs in Azure Site Recovery that should be called out as well. Donโ€™t let the admin credential requirement fool you. This bug applies to the VMWare-to-Azure scenario, and administrators will need to upgrade to the latest version to mitigate these vulns.

There are 10 fixes address that address information disclosure bugs. For the most part, these only result in leaks consisting of unspecified memory contents. The lone exception is the bug impacting the Skype for Business. This vulnerability could inadvertently disclose file content to an attacker, but Microsoft doesnโ€™t specific if any file content can be exposed or if just files in specific locations.

April brings eight updates to address DoS bugs, and a few stand out over the others. Thereโ€™s a DoS in Microsoft Defender, but Microsoft provides no details. Another is a DoS bug in Hyper-V, which is always inconvenient if you happen to be one of the other guest OSes on that Hyper-V server. There are a trio of DoS vulnerabilities in the Windows Cluster Shared Volume (CSV) component, but again, Microsoft provides not details on how the DoS manifests. There are also no details provided about the DoS in Windows Secure Channel, but considering how much relies on schannel these days, definitely donโ€™t take this update lightly.

This monthโ€™s update is rounded out by three updates addressing spoofing bugs. The spoofing bug in SharePoint could allow an authenticated user to send malicious content in SIP Address field. This would allow the user to have access to content that is otherwise not authorized. The spoofing vulnerability in Skype for Business and Lync could expose IP addresses or port numbers to an attacker. Finally, the patch for Power BI requires multiple uses hitting the gateway at the same time. While this can likely be scripted, it does increase the attack complexity.

No new advisories were released this month. The latest servicing stack updates can be found in the revised ADV990001.

Looking Ahead

The next Patch Tuesday falls on May 10, and weโ€™ll return with details and patch analysis then. Until then, stay safe, happy patching, and may all your reboots be smooth and clean!

...



๐Ÿ“Œ April, April: Die genialsten WhatsApp-Sprüche zum 1. April


๐Ÿ“ˆ 21.4 Punkte

๐Ÿ“Œ April, April: So wird die IT-Welt 2019 in den April geschickt


๐Ÿ“ˆ 21.4 Punkte

๐Ÿ“Œ April, April: Das sind die 5 besten April-Scherze 2023


๐Ÿ“ˆ 21.4 Punkte

๐Ÿ“Œ The April 2022 Security Update Review


๐Ÿ“ˆ 20.54 Punkte

๐Ÿ“Œ Microsoft kรผndigt Windows 10 April 2018 Update fรผr 30. April an [Update]


๐Ÿ“ˆ 19.3 Punkte

๐Ÿ“Œ The April 2019 Security Update Review


๐Ÿ“ˆ 17.96 Punkte

๐Ÿ“Œ The April 2020 Security Update Review


๐Ÿ“ˆ 17.96 Punkte

๐Ÿ“Œ The April 2021 Security Update Review


๐Ÿ“ˆ 17.96 Punkte

๐Ÿ“Œ The April 2023 Security Update Review


๐Ÿ“ˆ 17.96 Punkte

๐Ÿ“Œ Windows 10: Creators Update manuell ab 5. April, Mobil ab 25. April


๐Ÿ“ˆ 16.79 Punkte

๐Ÿ“Œ Creators Update bereits ab 5. April manuell verfรผgbar โ€“ Mobile folgt ab 25. April


๐Ÿ“ˆ 16.79 Punkte

๐Ÿ“Œ Windows 10 April 2018 Update is Coming On April 30


๐Ÿ“ˆ 16.79 Punkte

๐Ÿ“Œ iPhone Self Repair Program, Twitter, Studio Display webcam 'fix' - Apple's April 2022 in review


๐Ÿ“ˆ 16.11 Punkte

๐Ÿ“Œ Cyber Security Headlines โ€“ Week in Review โ€“ April 12-16, 2021


๐Ÿ“ˆ 15.44 Punkte

๐Ÿ“Œ April, April: Die besten Aprilscherze der IT-Welt im Rรผckblick


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Samsung Galaxy S8 Pre-Orders to Start on April 7, to Hit the Shelves on April 21


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Coronavirus-themed attacks April 05 โ€“ April 11, 2020


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Coronavirus-themed attacks April 12 โ€“ April 18, 2020


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Coronavirus-themed attacks April 19 โ€“ April 25, 2020


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ heise online scherzt nicht mehr zum April, April


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ April, April: Die Scherzparade aus aller Welt


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ April, April? PlatinumGames und Hamster kรผndigen Shoot 'em up Sol Cresta an


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ April, April! Die besten Aprilscherze 2021 aus der Welt des Gaming


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ April, April: Ideen fรผr Streiche via WhatsApp und Co.


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Apple BKC opens April 18 and Apple Saket opens April 20


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Apple opens two retail stores in India: Apple BKC in Mumbai on April 18th and Apple Saket in Delhi on April 20th


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ #TGIQF: April, April โ€“ welche News hagelten diese Woche auf uns herein?


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ Deadline Extended for Automation April Shortcuts Contest to April 21st


๐Ÿ“ˆ 14.27 Punkte

๐Ÿ“Œ EU moves Microsoft-Activision deal deadline review to April 25


๐Ÿ“ˆ 13.53 Punkte

๐Ÿ“Œ CYBERSECURITY INDUSTRY NEWS REVIEW โ€“ APRIL 4, 2023


๐Ÿ“ˆ 13.53 Punkte

๐Ÿ“Œ CYBERSECURITY INDUSTRY NEWS REVIEW โ€“ APRIL 11, 2023


๐Ÿ“ˆ 13.53 Punkte

๐Ÿ“Œ Apple's April 2023 in review: Honoring Steve Jobs, opening up India, and learning to save


๐Ÿ“ˆ 13.53 Punkte

๐Ÿ“Œ The May 2022 Security Update Review


๐Ÿ“ˆ 13.4 Punkte

๐Ÿ“Œ The May 2022 Security Update Review


๐Ÿ“ˆ 13.4 Punkte











matomo