Patch Tuesday is once again upon us. The March 2022 edition of Patch Tuesday brings us 72 fixes, with 3 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the March 2022 Patch Tuesday Audit Report
Exchange Is Back on the Menu
Microsoft Exchange has been a recurring topic the last months with continuous problems and fixes being released. This month’s patch Tuesday includes a critical fix for Microsoft Exchange for CVE-2022-23277. A remote code execution vulnerability with a CVSS base score of 8.8. According to Microsoft’s exploitability assessment, this vulnerability’s exploitability is more likely, so quick pathing is recommended.
To exploit the vulnerability, the attacker must be authenticated, additionally, Microsoft lists that “As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call“.
In addition to the RCE, a spoofing vulnerability has also been disclosed. CVE-2022-24463 with a CVSS base score of 6.5 can lead to file content being exposed. Similar to the RCE, the attacker must be authenticated. To get file content the attacker would have to create a specially crafted network call to the target Exchange Server that causes the parsing of an http request made to an attacker-controlled server.
Video Codec RCE Vulnerabilities
Two video codec extensions offered through the Microsoft Store also contain remote code execution vulnerabilities. The VP9 video extension contains CVE-2022-24501 and the HEVC video extension contains CVE-2022-22006, both with a CVSS base score of 7.8.
The vulnerabilities can be exploited by convincing the user to open a specifically crafted file. Since these vulnerabilities lie in Microsoft Store apps, you’ll have to ensure that you’re not using or have the latest version with a fix installed. For VP9, this means version 1.0.42791.0. For HVEC, if the app is manufacturer pre-installed version 1.0.50361.0 or if you’ve purchased the app, version 1.0.50362.0.
Talking about Microsoft Store apps, Lansweeper 9.3, includes Microsoft Store app scanning, so you’ll be able to find exactly which devices have these apps installed and which version.
Run the Patch Tuesday March 2022 Audit Report
To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see at a glance which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured
Patch Tuesday March 2022 CVE Codes & Titles
| CVE Number | CVE Title |
| CVE-2022-24526 | Visual Studio Code Spoofing Vulnerability |
| CVE-2022-24525 | Windows Update Stack Elevation of Privilege Vulnerability |
| CVE-2022-24522 | Skype Extension for Chrome Information Disclosure Vulnerability |
| CVE-2022-24520 | Azure Site Recovery Remote Code Execution Vulnerability |
| CVE-2022-24519 | Azure Site Recovery Elevation of Privilege Vulnerability |
| CVE-2022-24518 | Azure Site Recovery Elevation of Privilege Vulnerability |
| CVE-2022-24517 | Azure Site Recovery Remote Code Execution Vulnerability |
| CVE-2022-24515 | Azure Site Recovery Elevation of Privilege Vulnerability |
| CVE-2022-24512 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2022-24511 | Microsoft Office Word Tampering Vulnerability |
| CVE-2022-24510 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-24509 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-24508 | Windows SMBv3 Client/Server Remote Code Execution Vulnerability |
| CVE-2022-24507 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2022-24506 | Azure Site Recovery Elevation of Privilege Vulnerability |
| CVE-2022-24505 | Windows ALPC Elevation of Privilege Vulnerability |
| CVE-2022-24503 | Remote Desktop Protocol Client Information Disclosure Vulnerability |
| CVE-2022-24502 | Windows HTML Platforms Security Feature Bypass Vulnerability |
| CVE-2022-24501 | VP9 Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-24471 | Azure Site Recovery Remote Code Execution Vulnerability |
| CVE-2022-24470 | Azure Site Recovery Remote Code Execution Vulnerability |
| CVE-2022-24469 | Azure Site Recovery Elevation of Privilege Vulnerability |
| CVE-2022-24468 | Azure Site Recovery Remote Code Execution Vulnerability |
| CVE-2022-24467 | Azure Site Recovery Remote Code Execution Vulnerability |
| CVE-2022-24465 | Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability |
| CVE-2022-24464 | .NET and Visual Studio Denial of Service Vulnerability |
| CVE-2022-24463 | Microsoft Exchange Server Spoofing Vulnerability |
| CVE-2022-24462 | Microsoft Word Security Feature Bypass Vulnerability |
| CVE-2022-24461 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-24460 | Tablet Windows User Interface Application Elevation of Privilege Vulnerability |
| CVE-2022-24459 | Windows Fax and Scan Service Elevation of Privilege Vulnerability |
| CVE-2022-24457 | HEIF Image Extensions Remote Code Execution Vulnerability |
| CVE-2022-24456 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-24455 | Windows CD-ROM Driver Elevation of Privilege Vulnerability |
| CVE-2022-24454 | Windows Security Support Provider Interface Elevation of Privilege Vulnerability |
| CVE-2022-24453 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-24452 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-24451 | VP9 Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-23301 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-23300 | Raw Image Extension Remote Code Execution Vulnerability |
| CVE-2022-23299 | Windows PDEV Elevation of Privilege Vulnerability |
| CVE-2022-23298 | Windows NT OS Kernel Elevation of Privilege Vulnerability |
| CVE-2022-23297 | Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability |
| CVE-2022-23296 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2022-23295 | Raw Image Extension Remote Code Execution Vulnerability |
| CVE-2022-23294 | Windows Event Tracing Remote Code Execution Vulnerability |
| CVE-2022-23293 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability |
| CVE-2022-23291 | Windows DWM Core Library Elevation of Privilege Vulnerability |
| CVE-2022-23290 | Windows Inking COM Elevation of Privilege Vulnerability |
| CVE-2022-23288 | Windows DWM Core Library Elevation of Privilege Vulnerability |
| CVE-2022-23287 | Windows ALPC Elevation of Privilege Vulnerability |
| CVE-2022-23286 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2022-23285 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2022-23284 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-23283 | Windows ALPC Elevation of Privilege Vulnerability |
| CVE-2022-23282 | Paint 3D Remote Code Execution Vulnerability |
| CVE-2022-23281 | Windows Common Log File System Driver Information Disclosure Vulnerability |
| CVE-2022-23278 | Microsoft Defender for Endpoint Spoofing Vulnerability |
| CVE-2022-23277 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2022-23266 | Microsoft Defender for IoT Elevation of Privilege Vulnerability |
| CVE-2022-23265 | Microsoft Defender for IoT Remote Code Execution Vulnerability |
| CVE-2022-23253 | Point-to-Point Tunneling Protocol Denial of Service Vulnerability |
| CVE-2022-22010 | Media Foundation Information Disclosure Vulnerability |
| CVE-2022-22007 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-22006 | HEVC Video Extensions Remote Code Execution Vulnerability |
| CVE-2022-21990 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2022-21977 | Media Foundation Information Disclosure Vulnerability |
| CVE-2022-21975 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2022-21973 | Windows Media Center Update Denial of Service Vulnerability |
| CVE-2022-21967 | Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability |
| CVE-2022-21957 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability |
| CVE-2021-3711 | OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow |
| CVE-2021-36927 | Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability |
| CVE-2020-8927 | Brotli Library Buffer Overflow Vulnerability |
"*" indicates required fields
Receive the Latest Patch Tuesday Report for FREE Every Month
