Microsoft has released the May 2022 Patch Tuesday. The patches fix three zero-day vulnerabilities, one of which is actively exploited, and 75 vulnerabilities. According to the released security update, eight vulnerabilities are rated as “critical” and sixty-six as “important.”
The categories of some of the vulnerabilities fixed in the May 2022 Patch Tuesday are as follows:
- 26 Remote Code Execution vulnerability
- 21 Privilege Escalation vulnerability
- 17 Information Disclosure vulnerability
- 6 Denial of Service vulnerability
Through SOCRadar’s easy-to-use Vulnerability Intelligence dashboard, obtain insights into which vulnerabilities are being used by threat actors and get a threat landscape-centric picture of global vulnerability trends to better prioritize patching.
One of the Zero-Days is Actively Exploited
One of the zero-day vulnerabilities fixed with May 2022 Patch Tuesday is the Windows LSA Spoofing vulnerability with code CVE-2022-26925. In its security advisory, Microsoft states that threat actors can exploit this vulnerability to block authentication requests and use them to gain privilege escalation, assuming the identity of a domain controller.
Other fixed zero-day vulnerabilities are CVE-2022-22713 Windows Hyper-V Denial of Service Vulnerability and SynLapse alias CVE-2022-29972 Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver Vulnerability.
Some of the vulnerabilities considered “critical,” and “important” are:
- CVE-2022-26937 (CVSS 9.8): Windows Network File System RCE Vulnerability
- CVE-2022-22012 (CVSS: 9.8): Windows LDAP RCE Vulnerability
- CVE-2022-26927 (CVSS 8.8): Windows Graphics Component RCE Vulnerability
- CVE-2022-29133 (CVSS 8.8): Windows Kernel Elevation of Privilege Vulnerability
- CVE-2022-22019 (CVSS 8.8): Remote Procedure Call Runtime RCE Vulnerability
- CVE-2022-30129 (CVSS 8.8): Visual Studio RCE Vulnerability
- CVE-2022-29108 (CVSS 8.8): Microsoft SharePoint Server RCE Vulnerability
Cybersecurity experts state that, following Microsoft’s release of May 2022 Patch Tuesday, threat actors will also begin to develop new exploit methods by analyzing updates. That’s why the immediate application of patches is of great importance.
With SOCRadar® Free Edition, you’ll be able to:
- Discover your unknown hacker-exposed assets
- Check if your IP addresses tagged as malicious
- Monitor your domain name on hacked websites and phishing databases
- Get notified when a critical zero-day vulnerability is disclosed
Free for 12 months for 1 corporate domain and 100 auto-discovered digital assets. Get free access.