During the first Tuesday of patch 2022, Microsoft patched a number of critical vulnerabilities in Windows and Windows Server. One of the most dangerous vulnerabilities lies in the HTTP Protocol Stack and allows attackers to execute code remotely on the computer.
Windows Monthly Security Update Close in January complete series From 96 major and minor errors in various Windows components, Office, Teams, Exchange Server, Edge, and .NET Framework. Two CVSS vulnerabilities were given a score of 9.8, which means they are very critical. Around CVE-2022-21907 in a CVE-2022-21849.
The first is the rce vulnerability that allows attackers to remotely execute code by sending a packet to a Windows computer using the HTTP Protocol Stack. The attacker does not need to allow the user to perform an action nor does he need any privileges in the system. This makes this vulnerability well suited to a worm and particularly affects server users. For example, a single attack can affect an entire intranet.
According to Microsoft, the vulnerability has not yet been exploited and no public proof of an exploit is available yet. Microsoft is still inviting users Prioritize fixing this vulnerability in the system. The vulnerability was discovered by Russian security researcher Mikhail Medvedev.
The second with a CVSS score of 9.8 is a vulnerability in version 2. of Windows Internet Key Exchange. An attacker can run many vulnerabilities remotely without authentication and thus remote code execution. Microsoft writes that only systems running IPSec are vulnerable to this attack.
In addition, there are a number of other vulnerabilities that are relatively highly rated in CVSS. one of them CVE-2022-21846. This vulnerability in Microsoft Exchange Server is rated 9 out of 10. This means that it is serious, but Microsoft makes it clear that this vulnerability cannot be exploited simply from the Internet, but accessing the same physical network, or accessing a shared secure network, for example MPLS or secure VPN provides access to the administrator’s environment. This vulnerability was reported to Microsoft by the US intelligence agency NSA.