{"id":8412,"date":"2022-01-26T11:55:34","date_gmt":"2022-01-26T18:55:34","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&p=8412"},"modified":"2023-03-03T14:28:43","modified_gmt":"2023-03-03T21:28:43","slug":"january-microsoft-patches-97-security-vulnerabilities","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/january-microsoft-patches-97-security-vulnerabilities\/","title":{"rendered":"January 2022: Microsoft Patches 97 Security Vulnerabilities"},"content":{"rendered":"
Microsoft patched 97 unique security vulnerabilities in January 2022, including six zero-days and nine critical-rated CVEs. We analyzed these weaknesses and spotlighted the most important vulnerabilities that should be prioritized for patching.<\/p>\n
<\/p>\n
\n
This January, Microsoft patched 97 vulnerabilities discovered in 2022.<\/p>\n
The number of CVEs classified as remote code execution bugs: 29<\/p>\n<\/li>\n
The number of CVEs with privilege escalation capabilities: 41<\/p>\n<\/li>\n
The number of CVEs linked to information disclosure: 6<\/p>\n<\/li>\n
The number of CVEs with denial-of-service capabilities: 9<\/p>\n<\/li>\n
The number of CVEs with spoofing possibilities: 3<\/p>\n<\/li>\n
The number of CVEs with security bypass: 3<\/p>\n<\/li>\n<\/ul>\n
Six of these issues were publicly known at the time of release, although none are currently being exploited.<\/p>\n
<\/p>\n
\n
Microsoft released fixes for six zero-day vulnerabilities this month, three of which were classified as remote code execution bugs.<\/p>\n
CVE-2021-22947<\/a> – Open Source Curl<\/p>\n
CVE-2021-36976<\/a> – Libarchive<\/p>\n
CVE-2022-21919<\/a> – Windows User Profile Service<\/p>\n
CVE-2022-21836<\/a> – Windows Certificate<\/p>\n
CVE-2022-21839<\/a> – Windows Event Tracing Discretionary Access Control List<\/p>\n
CVE-2022-21874<\/a> – Windows Security Center API<\/p>\n
None of the zero-day flaws above are known to have been exploited in the wild.<\/p>\n
CVE-2022-21907: Wormable HTTP Vulnerability<\/h2>\n
CVE-2022-21907, uncovered in Exchange server (CVSS score: 9.8), is a remote code execution flaw in the HTTP Protocol Stack. To exploit this vulnerability, threat actors must send specially crafted packets to targeted Windows servers that process packets using the vulnerable HTTP Protocol Stack.<\/p>\n
This severe wormable weakness has been found to affect the most recent desktop and server Windows systems, including Windows 11 and Windows Server 2022. Fortunately, the vulnerability is not actively being exploited, and no publicly announced proof-of-concept attacks exist.<\/p>\n
Microsoft advises users to prioritize addressing this issue on all affected systems since it allows unauthenticated attackers to remotely execute arbitrary code in low-complexity attacks.<\/p>\n
Severity<\/h2>\n
Of these 97 CVEs, nine are rated as critical, while six are zero-days.<\/p>\n
<\/p>\n
Affected Products<\/h2>\n
Affected systems include: Windows and associated components, Edge, Exchange Server, Office and related components, SharePoint Server, .NET Framework, Microsoft Dynamics, Windows Hyper-V, Windows Defender, and Windows Remote Desktop Protocol (RDP).<\/p>\n
<\/p>\n
Common Weakness Enumeration<\/h2>\n
When analyzing the code weaknesses behind these patched vulnerabilities, 41% of the CVEs are classified under CWE-269 (Improper Privilege Management). CWE-94 (Improper Control of Generation of Code) holds second place with 9%.
Most concerning is that these two software weaknesses are listed under the 2021 CWE Top 25 Most Dangerous Weaknesses.<\/a><\/p>\n
<\/p>\n