We are opening this thread on the following Threat Report. Please post all related discussions and recommendations to this thread.
Severity: High TLP: Green First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability
Tags- Critical CVE
Summary:
“Of the 96 vulnerabilities, nine are rated Critical and 89 are rated Important in severity, with six zero-day publicly known at the time of the release. This is in addition to 29 issues patched in Microsoft Edge on January 6, 2022. None of the disclosed bugs are listed as under attack. The patches cover a swath of the computing giant's portfolio, including Microsoft Windows and Windows Components, Exchange Server, Microsoft Office and Office Components, SharePoint Server, .NET Framework, Microsoft Dynamics, Open-Source Software, Windows Hyper-V, Windows Defender, and Windows Remote Desktop Protocol (RDP), (TheHackerNews, 2021).”
Analyst Comments:
Chief among them is CVE-2022-21907 (CVSS score: 9.8), a remote code execution vulnerability rooted in the HTTP Protocol Stack. In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.
Microsoft also resolved six zero-days as part of its Patch Tuesday update, two of which are an integration of third-party fixes concerning the open-source libraries curl and libarchive.
- CVE-2021-22947 (CVSS score: N/A) – Open-Source curl Remote Code Execution Vulnerability
- CVE-2021-36976 (CVSS score: N/A) – Open-source libarchive Remote Code Execution Vulnerability
- CVE-2022-21836 (CVSS score: 7.8) – Windows Certificate Spoofing Vulnerability
- CVE-2022-21839 (CVSS score: 6.1) – Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability
- CVE-2022-21874 (CVSS score: 7.8) – Windows Security Center API Remote Code Execution Vulnerability
- CVE-2022-21919 (CVSS score: 7.0) – Windows User Profile Service Elevation
Security updates have also been released by other vendors to rectify several vulnerabilities, including —
- Adobe
- Android
- Cisco
- Citrix
- Google Chrome
- Linux distributions Oracle Linux, Red Hat, and SUSE
- Mozilla Firefox, Firefox ESR, and Thunderbird
- Samba
- SAP
- Schneider Electric
- Siemens
- VMware, and
- WordPress
https://thehackernews.com/2022/01/first-patch-tuesday-of-2022-brings-fix.html