Microsoft Patch Tuesday – May 2022

It’s the second week of the month again and you know what that means! Microsoft Patch Tuesday! 🎉
Microsoft has released 74 updates for multiple products this month – including fixes for seven Critical severity vulnerabilities, and for one vulnerability that is being actively exploited in the wild.

The most important patches are:

CVE-2022-26925 (Actively Exploited) is an LSA Spoofing vulnerability, which allows attackers to call a method in LSARPC that coerces the domain controller into authenticating to the attacker using NTLM. CVSS 3.1: 8.1 (High)

CVE-2022-26923 is a Privilege Escalation vulnerability in Active Directory Domain Services. This vulnerability allows an attacker to insert crafted data into an Active Directory certificate request and elevate privileges up to Domain Admin. CVSS 3.1: 8.8 (High)

Affected Products

.NET and Visual Studio
Microsoft Exchange Server
Microsoft Graphics Component
Microsoft Local Security Authority Server (lsasrv)
Microsoft Office
Microsoft Office Excel
Microsoft Office SharePoint
Microsoft Windows ALPC
Remote Desktop Client
Role: Windows Fax Service
Role: Windows Hyper-V
Self-hosted Integration Runtime
Tablet Windows User Interface
Visual Studio
Visual Studio Code
Windows Active Directory
Windows Address Book
Windows Authentication Methods
Windows BitLocker
Windows Cluster Shared Volume (CSV)
Windows Failover Cluster Automation Server
Windows Kerberos
Windows Kernel
Windows LDAP – Lightweight Directory Access Protocol
Windows Media
Windows Network File System
Windows NTFS
Windows Point-to-Point Tunneling Protocol
Windows Print Spooler Components
Windows Push Notifications
Windows Remote Access Connection Manager
Windows Remote Desktop
Windows Remote Procedure Call Runtime
Windows Server Service
Windows Storage Spaces Controller
Windows WLAN Auto Config Service