Lucene search

Greg WisemanRAPID7BLOG:C62665D003B287EB5E4FC604B7578606

HistoryMar 08, 2022 - 9:08 p.m.

Patch Tuesday - March 2022

2022-03-0821:08:35

Greg Wiseman

blog.rapid7.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

JSON

Patch Tuesday - March 2022

Microsoft’s March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.

Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.

SharePoint administrators get a break this month, though on the client side, a handful of Office vulnerabilities were fixed. Three separate RCEs in Visio, Tampering and Security Feature Bypass vulnerabilities in Word, and Information Disclosure in the Skype Extension for Chrome all got patched.

CVE-2022-24508 is an RCE affecting Windows SMBv3, which has potential for widespread exploitation, assuming an attacker can put together a suitable exploit. Luckily, like this month’s Exchange vulnerabilities, this too requires authentication.

Organizations using Microsoft’s Azure Site Recovery service should be aware that 11 CVEs were fixed with today’s updates, split between RCEs and LPEs. They are all specific to the scenario where an on-premise VMware deployment is set up to use Azure for disaster recovery.

Summary charts

Patch Tuesday - March 2022

Summary tables

Apps vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-23282	Paint 3D Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24465	Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability	No	No	3.3	Yes

Azure vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24467	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24468	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24517	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24470	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24471	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24520	Azure Site Recovery Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-24469	Azure Site Recovery Elevation of Privilege Vulnerability	No	No	8.1	Yes
CVE-2022-24506	Azure Site Recovery Elevation of Privilege Vulnerability	No	No	6.5	Yes
CVE-2022-24515	Azure Site Recovery Elevation of Privilege Vulnerability	No	No	6.5	Yes
CVE-2022-24518	Azure Site Recovery Elevation of Privilege Vulnerability	No	No	6.5	Yes
CVE-2022-24519	Azure Site Recovery Elevation of Privilege Vulnerability	No	No	6.5	Yes

Browser vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-0809	Chromium: CVE-2022-0809 Out of bounds memory access in WebXR	No	No	N/A	Yes
CVE-2022-0808	Chromium: CVE-2022-0808 Use after free in Chrome OS Shell	No	No	N/A	Yes
CVE-2022-0807	Chromium: CVE-2022-0807 Inappropriate implementation in Autofill	No	No	N/A	Yes
CVE-2022-0806	Chromium: CVE-2022-0806 Data leak in Canvas	No	No	N/A	Yes
CVE-2022-0805	Chromium: CVE-2022-0805 Use after free in Browser Switcher	No	No	N/A	Yes
CVE-2022-0804	Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode	No	No	N/A	Yes
CVE-2022-0803	Chromium: CVE-2022-0803 Inappropriate implementation in Permissions	No	No	N/A	Yes
CVE-2022-0802	Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode	No	No	N/A	Yes
CVE-2022-0801	Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser	No	No	N/A	Yes
CVE-2022-0800	Chromium: CVE-2022-0800 Heap buffer overflow in Cast UI	No	No	N/A	Yes
CVE-2022-0799	Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer	No	No	N/A	Yes
CVE-2022-0798	Chromium: CVE-2022-0798 Use after free in MediaStream	No	No	N/A	Yes
CVE-2022-0797	Chromium: CVE-2022-0797 Out of bounds memory access in Mojo	No	No	N/A	Yes
CVE-2022-0796	Chromium: CVE-2022-0796 Use after free in Media	No	No	N/A	Yes
CVE-2022-0795	Chromium: CVE-2022-0795 Type Confusion in Blink Layout	No	No	N/A	Yes
CVE-2022-0794	Chromium: CVE-2022-0794 Use after free in WebShare	No	No	N/A	Yes
CVE-2022-0793	Chromium: CVE-2022-0793 Use after free in Views	No	No	N/A	Yes
CVE-2022-0792	Chromium: CVE-2022-0792 Out of bounds read in ANGLE	No	No	N/A	Yes
CVE-2022-0791	Chromium: CVE-2022-0791 Use after free in Omnibox	No	No	N/A	Yes
CVE-2022-0790	Chromium: CVE-2022-0790 Use after free in Cast UI	No	No	N/A	Yes
CVE-2022-0789	Chromium: CVE-2022-0789 Heap buffer overflow in ANGLE	No	No	N/A	Yes

Developer Tools vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24526	Visual Studio Code Spoofing Vulnerability	No	No	6.1	Yes
CVE-2020-8927	Brotli Library Buffer Overflow Vulnerability	No	No	6.5	Yes
CVE-2022-24512	.NET and Visual Studio Remote Code Execution Vulnerability	No	Yes	6.3	Yes
CVE-2022-24464	.NET and Visual Studio Denial of Service Vulnerability	No	No	7.5	No

Exchange Server vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24463	Microsoft Exchange Server Spoofing Vulnerability	No	No	6.5	Yes
CVE-2022-23277	Microsoft Exchange Server Remote Code Execution Vulnerability	No	No	8.8	Yes

Microsoft Office vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24522	Skype Extension for Chrome Information Disclosure Vulnerability	No	No	7.5	Yes
CVE-2022-24462	Microsoft Word Security Feature Bypass Vulnerability	No	No	5.5	Yes
CVE-2022-24511	Microsoft Office Word Tampering Vulnerability	No	No	5.5	Yes
CVE-2022-24509	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24461	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24510	Microsoft Office Visio Remote Code Execution Vulnerability	No	No	7.8	Yes

System Center vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-23265	Microsoft Defender for IoT Remote Code Execution Vulnerability	No	No	7.2	Yes
CVE-2022-23266	Microsoft Defender for IoT Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2022-23278	Microsoft Defender for Endpoint Spoofing Vulnerability	No	No	5.9	Yes

Windows vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-21967	Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24525	Windows Update Stack Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24508	Windows SMBv3 Client/Server Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-23284	Windows Print Spooler Elevation of Privilege Vulnerability	No	No	7.2	No
CVE-2022-21975	Windows Hyper-V Denial of Service Vulnerability	No	No	4.7	Yes
CVE-2022-23294	Windows Event Tracing Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-23291	Windows DWM Core Library Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-23288	Windows DWM Core Library Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-23286	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24455	Windows CD-ROM Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24507	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-23287	Windows ALPC Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24505	Windows ALPC Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24501	VP9 Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24451	VP9 Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24460	Tablet Windows User Interface Application Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-23295	Raw Image Extension Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-23300	Raw Image Extension Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-22010	Media Foundation Information Disclosure Vulnerability	No	No	4.4	Yes
CVE-2022-21977	Media Foundation Information Disclosure Vulnerability	No	No	3.3	Yes
CVE-2022-22006	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-23301	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-22007	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24452	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24453	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24456	HEVC Video Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes
CVE-2022-24457	HEIF Image Extensions Remote Code Execution Vulnerability	No	No	7.8	Yes

Windows ESU vulnerabilities

CVE	Title	Exploited	Publicly disclosed?	CVSSv3 base score	Has FAQ?
CVE-2022-24454	Windows Security Support Provider Interface Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-23299	Windows PDEV Elevation of Privilege Vulnerability	No	No	7.8	Yes
CVE-2022-23298	Windows NT OS Kernel Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-23297	Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2022-21973	Windows Media Center Update Denial of Service Vulnerability	No	No	5.5	No
CVE-2022-23296	Windows Installer Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-23290	Windows Inking COM Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-24502	Windows HTML Platforms Security Feature Bypass Vulnerability	No	No	4.3	Yes
CVE-2022-24459	Windows Fax and Scan Service Elevation of Privilege Vulnerability	No	Yes	7.8	No
CVE-2022-23293	Windows Fast FAT File System Driver Elevation of Privilege Vulnerability	No	No	7.8	No
CVE-2022-23281	Windows Common Log File System Driver Information Disclosure Vulnerability	No	No	5.5	Yes
CVE-2022-23283	Windows ALPC Elevation of Privilege Vulnerability	No	No	7	Yes
CVE-2022-24503	Remote Desktop Protocol Client Information Disclosure Vulnerability	No	No	5.4	Yes
CVE-2022-21990	Remote Desktop Client Remote Code Execution Vulnerability	No	Yes	8.8	Yes
CVE-2022-23285	Remote Desktop Client Remote Code Execution Vulnerability	No	No	8.8	Yes
CVE-2022-23253	Point-to-Point Tunneling Protocol Denial of Service Vulnerability	No	No	6.5	No