PRUEBA AHORA
Patch Tuesday

Microsoft Patch Tuesday – March 2022

6 min. read
08/03/2022
By Esben Dochy
Microsoft Patch Tuesday March 2022

Patch Tuesday is once again upon us. The March 2022 edition of Patch Tuesday brings us 72 fixes, with 3 rated as critical. We’ve listed the most important changes below.

⚡ TL;DR | Go Straight to the March 2022 Patch Tuesday Audit Report

Exchange Is Back on the Menu

Microsoft Exchange has been a recurring topic the last months with continuous problems and fixes being released. This month’s patch Tuesday includes a critical fix for Microsoft Exchange for CVE-2022-23277. A remote code execution vulnerability with a CVSS base score of 8.8. According to Microsoft’s exploitability assessment, this vulnerability’s exploitability is more likely, so quick pathing is recommended.

To exploit the vulnerability, the attacker must be authenticated, additionally, Microsoft lists that «As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call«.

In addition to the RCE, a spoofing vulnerability has also been disclosed. CVE-2022-24463 with a CVSS base score of 6.5 can lead to file content being exposed. Similar to the RCE, the attacker must be authenticated. To get file content the attacker would have to create a specially crafted network call to the target Exchange Server that causes the parsing of an http request made to an attacker-controlled server.

Video Codec RCE Vulnerabilities

Two video codec extensions offered through the Microsoft Store also contain remote code execution vulnerabilities. The VP9 video extension contains CVE-2022-24501 and the HEVC video extension contains CVE-2022-22006, both with a CVSS base score of 7.8.

The vulnerabilities can be exploited by convincing the user to open a specifically crafted file. Since these vulnerabilities lie in Microsoft Store apps, you’ll have to ensure that you’re not using or have the latest version with a fix installed. For VP9, this means version 1.0.42791.0. For HVEC, if the app is manufacturer pre-installed version 1.0.50361.0 or if you’ve purchased the app, version 1.0.50362.0.

Talking about Microsoft Store apps, Lansweeper 9.3, includes Microsoft Store app scanning, so you’ll be able to find exactly which devices have these apps installed and which version.

Run the Patch Tuesday March 2022 Audit Report

To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see at a glance which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured

Patch Tuesday March 2022 CVE Codes & Titles

CVE NumberCVE Title
CVE-2022-24526Visual Studio Code Spoofing Vulnerability
CVE-2022-24525Windows Update Stack Elevation of Privilege Vulnerability
CVE-2022-24522Skype Extension for Chrome Information Disclosure Vulnerability
CVE-2022-24520Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24519Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24518Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24517Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24515Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24512.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2022-24511Microsoft Office Word Tampering Vulnerability
CVE-2022-24510Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24509Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24508Windows SMBv3 Client/Server Remote Code Execution Vulnerability
CVE-2022-24507Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2022-24506Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24505Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-24503Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2022-24502Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2022-24501VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-24471Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24470Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24469Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-24468Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24467Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-24465Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability
CVE-2022-24464.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-24463Microsoft Exchange Server Spoofing Vulnerability
CVE-2022-24462Microsoft Word Security Feature Bypass Vulnerability
CVE-2022-24461Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-24460Tablet Windows User Interface Application Elevation of Privilege Vulnerability
CVE-2022-24459Windows Fax and Scan Service Elevation of Privilege Vulnerability
CVE-2022-24457HEIF Image Extensions Remote Code Execution Vulnerability
CVE-2022-24456HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24455Windows CD-ROM Driver Elevation of Privilege Vulnerability
CVE-2022-24454Windows Security Support Provider Interface Elevation of Privilege Vulnerability
CVE-2022-24453HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24452HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24451VP9 Video Extensions Remote Code Execution Vulnerability
CVE-2022-23301HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-23300Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-23299Windows PDEV Elevation of Privilege Vulnerability
CVE-2022-23298Windows NT OS Kernel Elevation of Privilege Vulnerability
CVE-2022-23297Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
CVE-2022-23296Windows Installer Elevation of Privilege Vulnerability
CVE-2022-23295Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-23294Windows Event Tracing Remote Code Execution Vulnerability
CVE-2022-23293Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
CVE-2022-23291Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-23290Windows Inking COM Elevation of Privilege Vulnerability
CVE-2022-23288Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-23287Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-23286Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2022-23285Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-23284Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-23283Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-23282Paint 3D Remote Code Execution Vulnerability
CVE-2022-23281Windows Common Log File System Driver Information Disclosure Vulnerability
CVE-2022-23278Microsoft Defender for Endpoint Spoofing Vulnerability
CVE-2022-23277Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-23266Microsoft Defender for IoT Elevation of Privilege Vulnerability
CVE-2022-23265Microsoft Defender for IoT Remote Code Execution Vulnerability
CVE-2022-23253Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-22010Media Foundation Information Disclosure Vulnerability
CVE-2022-22007HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-22006HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-21990Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-21977Media Foundation Information Disclosure Vulnerability
CVE-2022-21975Windows Hyper-V Denial of Service Vulnerability
CVE-2022-21973Windows Media Center Update Denial of Service Vulnerability
CVE-2022-21967Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability
CVE-2022-21957Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
CVE-2021-3711OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow
CVE-2021-36927Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability
CVE-2020-8927Brotli Library Buffer Overflow Vulnerability

Receive the Latest Patch Tuesday Report for FREE Every Month

"*" señala los campos obligatorios

This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
Este campo es un campo de validación y debe quedar sin cambios.