A bunch of vulnerabilities in Windows, one already exploited

Microsoft patches 128 vulnerabilities in a list of products, including Windows and its components.

Editorial Team
April 13, 2022

In a traditional Patch Tuesday update, Microsoft fixed a total of 128 vulnerabilities in various products and components. Of those, at least 10 are critical, at least two were known before the release of the patches, and at least one was already being actively exploited by unknown attackers. This is why it is a good idea to update the operating system and other products as soon as possible.

The most dangerous vulnerabilities

According to the information available at this moment, CVE-2022-24521 seems to be the most dangerous of the bunch. It is a vulnerability in the Windows Common Log File System (CLFS) driver and is associated with privilege elevation. Despite a not-so-impressive CVSS:3.1 rating (7.8), it's fairly easy to exploit, which, in fact, some unknown attackers are already doing.

CVE-2022-26904, another privilege elevation vulnerability, resides in the Windows User Profiles system service. It also has a relatively low rating on the CVSS:3.1 scale (7.0). However, this vulnerability was also known before the update was released, so it is logical to assume that potential attackers could start exploiting it faster than the others.

All critical-level Windows vulnerabilities that the big update addresses are related to remote code execution (RCE). Of these, CVE-2022-26809 in the Windows Remote Procedure Call Runtime Library, as well as CVE-2022-24491 and CVE-2022-24497 in the Network File Access Protocol, have the highest severity rating: 9.8 points. Some experts believe that the last three vulnerabilities may be wormable, that is, they can be used to launch self-propagating exploits over the network.
To summarize, Microsoft published updates for a total of 128 vulnerabilities in a wide variety of products and components, including the Edge browser, Defender, Office, Exchange, SharePoint Server, Visual Studio and a lot more. We recommend that you examine the full list of affected products (spoiler: it is long) and prioritize the most critical updates for the products you use.

How to stay safe

In an ideal world, the most logical step would be to install all updates immediately. Of course, in real life this is not always possible, as some companies need to test updates before rolling them out in their infrastructure. In this case, we recommend that you study the Mitigations sections in the official Microsoft bulletins. The full list of vulnerabilities and more detailed information about them is available in the update description on the company's website.

For our part, we recommend using reliable security solutions on all computers and servers connected to the Internet, preferably solutions that employ technologies capable of detecting the exploitation of vulnerabilities, both already discovered and still unknown.