Microsoft Patch Tuesday security updates for May 2022 addressed three zero-day vulnerabilities, one of which is under active attack.
The IT giant fixed a total of 74 flaws in Microsoft Windows and Windows Components, .NET and Visual Studio, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Office and Office Components, Windows Hyper-V, Windows Authentication Methods, BitLocker, Windows Cluster Shared Volume (CSV), Remote Desktop Client, Windows Network File System, NTFS, and Windows Point-to-Point Tunneling Protocol.
Of the 74 flaws addressed by the company, seven are rated Critical, 66 are rated Important, and one is rated Low in severity. Seven of these issues were reported through the ZDI program.
The zero-day flaw under active attack, tracked as ‘CVE-2022-26925, is a Windows LSA Spoofing vulnerability.
The flaw can be exploited by an unauthenticated attacker to force a domain controller to authenticate against another server using NTLM.
“An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM. This security update detects anonymous connection attempts in LSARPC and disallows it.” read the advisory published by Microsoft.
The other zero-day issues addressed by Microsoft are a Windows Hyper-V Denial of Service flaw, tracked as CVE-2022-22713 and Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver.
The company also fixed a Windows Network File System Remote Code Execution Vulnerability, tracked as CVE-2022-26937. Remote, unauthenticated attackers can exploit the issue to execute code in the context of the Network File System (NFS) service on affected systems. Experts pointed out that NFS isn’t enabled by default, but it’s a common option in environments where Windows systems are other OSes coexist.
The complete list of vulnerabilities addressed with the release of Microsoft Patch Tuesday security updates for May 2022 is available here.
Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform
(SecurityAffairs – hacking, Microsoft Patch Tuesday security updates for May 2022)