Image by OpenClipart-Vectors from Pixabay
Microsoft has issued patches for 117 CVEs in its April Patch Tuesday release, with nine rated critical and 108 as important, the most it has ever released for a single month since September 2020. Included among these were two zero-day vulnerabilities, one of which was exploited in the wild and reported to Microsoft by the NSA.
The security firm Tenable said vulnerabilities that allowed elevation of privileges made up nearly 39.3% of the flaws; remote code execution took up an equal percentage of the total.
The company highlighted two of the critical flaws; one was a Windows network file system vulnerability that allowed running of code remotely.
This flaw “received a CVSSv3 score of 9.8 and a rating of ‘Exploitation More Likely’, Tenable said. “An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted NFS protocol network messages to a vulnerable system.
}loadposition sam08}”Only systems with the NFS role enabled are at risk for exploitation; however, organisations should still apply the patch to all systems to ensure they are protected.”
The second critical flaw which was in Tenable’s sights was a Remote Procedure Call runtime remote code execution vulnerability.
Of this, the security outfit said it “received a CVSSv3 score of 9.8. An unauthenticated, remote attacker could exploit this vulnerability by sending ‘a specially crafted RPC call to an RPC host’.
“Patching is the best approach to fully address this vulnerability; however, if patching is not feasible, Microsoft recommends blocking TCP port 445 on the perimeter firewall to mitigate attempts to exploit this flaw. Despite applying this mitigation, systems could ‘still be vulnerable to attacks from within their enterprise perimeter’.”
Products covered by this month’s patches include:
- .NET Framework
- Active Directory Domain Services
- Azure SDK
- Azure Site Recovery
- LDAP – Lightweight Directory Access Protocol
- Microsoft Bluetooth Driver
- Microsoft Dynamics
- Microsoft Edge (Chromium-based)
- Microsoft Graphics Component
- Microsoft Local Security Authority Server (lsasrv)
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Windows ALPC
- Microsoft Windows Codecs Library
- Microsoft Windows Media Foundation
- Power BI
- Role: DNS Server
- Role: Windows Hyper-V
- Skype for Business
- Visual Studio
- Visual Studio Code
- Windows Ancillary Function Driver for WinSock
- Windows App Store
- Windows AppX Package Manager
- Windows Cluster Client Failover
- Windows Cluster Shared Volume (CSV)
- Windows Common Log File System Driver
- Windows Defender
- Windows DWM Core Library
- Windows Endpoint Configuration Manager
- Windows Fax Compose Form
- Windows Feedback Hub
- Windows File Explorer
- Windows File Server
- Windows Installer
- Windows iSCSI Target Service
- Windows Kerberos
- Windows Kernel
- Windows Local Security Authority Subsystem Service
- Windows Media
- Windows Network File System
- Windows PowerShell
- Windows Print Spooler Components
- Windows RDP
- Windows Remote Procedure Call Runtime
- Windows schannel
- Windows SMB
- Windows Telephony Server
- Windows Upgrade Assistant
- Windows User Profile Service
- Windows Win32K
- Windows Work Folder Service
- YARP reverse proxy
Please join our community here and become a VIP.
Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here
SONICWALL 2022 CYBER THREAT REPORT
The past year has seen a meteoric rise in ransomware incidents worldwide.
Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:
Zero-day attacks and more
These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.
Click the button below to get the report.
PROMOTE YOUR WEBINAR ON ITWIRE
It’s all about Webinars.
Marketing budgets are now focused on Webinars combined with Lead Generation.
If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.
The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.
Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
MORE INFO HERE!