Microsoft released the April 2022 Patch Tuesday yesterday, fixing more than 100 vulnerabilities. Two of these flaws are zero-days. Patch Tuesday is the set of security updates that Microsoft releases every month to address vulnerabilities in its products.
The new update (Patch Tuesday) fixes a total of 119 vulnerabilities (not counting the 26 Microsoft Edge vulnerabilities). Ten are rated “Critical” because they allow remote code execution.
Below is a summary of the type and number of vulnerabilities fixed by Microsoft's April Patch Tuesday:
- 47 Elevation of Privilege vulnerabilities
- 47 Remote Code Execution vulnerabilities
- 13 Information Disclosure vulnerabilities
- 9 Denial of Service vulnerabilities
- 3 Spoofing vulnerabilities
- 26 Edge – Chromium vulnerabilities
Microsoft Patch Tuesday: Fixes two zero-day vulnerabilities
As mentioned above, with this month's Patch Tuesday Microsoft also addresses two zero-day vulnerabilities. One of the two has been found to be already in use in attacks.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no security update available.
The company had tried before to fix the vulnerability that is being used in attacks.
The two zero-day vulnerabilities in detail:
CVE-2022-26904: Elevation of Privilege vulnerability in the Windows User Profile Service. This vulnerability, which allows gaining additional privileges on vulnerable systems, was discovered by CrowdStrike and the US National Security Agency (NSA).
CVE-2022-24521: Elevation of Privilege vulnerability in the Windows Common Log File System Driver.
Cybercriminals always try to analyze vulnerabilities to see how they can exploit them. Installing the Patch Tuesday updates immediately is therefore considered necessary, especially given the number of security issues addressed.
Patch: Detailed fixes
The table below shows the full list of vulnerabilities that Microsoft fixes with the April Patch Tuesday.
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
.NET Framework | CVE-2022-26832 | .NET Framework Denial of Service Vulnerability | Important |
Active Directory Domain Services | CVE-2022-26814 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Active Directory Domain Services | CVE-2022-26817 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Azure SDK | CVE-2022-26907 | Azure SDK for .NET Information Disclosure Vulnerability | Important |
Azure Site Recovery | CVE-2022-26898 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-26897 | Azure Site Recovery Information Disclosure Vulnerability | Important |
Azure Site Recovery | CVE-2022-26896 | Azure Site Recovery Information Disclosure Vulnerability | Important |
LDAP – Lightweight Directory Access Protocol | CVE-2022-26831 | Windows LDAP Denial of Service Vulnerability | Important |
LDAP – Lightweight Directory Access Protocol | CVE-2022-26919 | Windows LDAP Remote Code Execution Vulnerability | Critical |
Microsoft Bluetooth Driver | CVE-2022-26828 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important |
Microsoft Dynamics | CVE-2022-23259 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical |
Microsoft Edge (Chromium-based) | CVE-2022-26909 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-1139 | Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-26912 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-26908 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1146 | Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-26895 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-26900 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-26894 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1232 | Chromium: CVE-2022-1232 Type Confusion in V8 | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-26891 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1125 | Chromium: CVE-2022-1125 Use after free in Portals | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1136 | Chromium: CVE-2022-1136 Use after free in Tab Strip | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-24475 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1145 | Chromium: CVE-2022-1145 Use after free in Extensions | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1135 | Chromium: CVE-2022-1135 Use after free in Shopping Cart | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1138 | Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1143 | Chromium: CVE-2022-1143 Heap buffer overflow in WebUI | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-24523 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-1137 | Chromium: CVE-2022-1137 Inappropriate implementation in Extensions | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1134 | Chromium: CVE-2022-1134 Type Confusion in V8 | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1127 | Chromium: CVE-2022-1127 Use after free in QR Code Generator | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1128 | Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1133 | Chromium: CVE-2022-1133 Use after free in WebRTC | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1130 | Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1129 | Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1131 | Chromium: CVE-2022-1131 Use after free in Cast UI | Unknown |
Microsoft Graphics Component | CVE-2022-26920 | Windows Graphics Component Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-26903 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
Microsoft Local Security Authority Server (lsasrv) | CVE-2022-24493 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | Important |
Microsoft Office Excel | CVE-2022-24473 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2022-26901 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2022-24472 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
Microsoft Windows ALPC | CVE-2022-24482 | Windows ALPC Elevation of Privilege Vulnerability | Important |
Microsoft Windows ALPC | CVE-2022-24540 | Windows ALPC Elevation of Privilege Vulnerability | Important |
Microsoft Windows Codecs Library | CVE-2022-24532 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
Microsoft Windows Media Foundation | CVE-2022-24495 | Windows Direct Show – Remote Code Execution Vulnerability | Important |
Power BI | CVE-2022-23292 | Microsoft Power BI Spoofing Vulnerability | Important |
Role: DNS Server | CVE-2022-26815 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26816 | Windows DNS Server Information Disclosure Vulnerability | Important |
Role: DNS Server | CVE-2022-24536 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26824 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26823 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26822 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26829 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26826 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26825 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26821 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26820 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26813 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26818 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26819 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26811 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26812 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-22008 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-24490 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-24539 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-26785 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-26783 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-24537 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-23268 | Windows Hyper-V Denial of Service Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-23257 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-22009 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
Skype for Business | CVE-2022-26911 | Skype for Business Information Disclosure Vulnerability | Important |
Skype for Business | CVE-2022-26910 | Skype for Business and Lync Spoofing Vulnerability | Important |
Visual Studio | CVE-2022-24767 | GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account | Important |
Visual Studio | CVE-2022-24765 | GitHub: Uncontrolled search for the Git directory in Git for Windows | Important |
Visual Studio | CVE-2022-24513 | Visual Studio Elevation of Privilege Vulnerability | Important |
Visual Studio Code | CVE-2022-26921 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
Windows Ancillary Function Driver for WinSock | CVE-2022-24494 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
Windows App Store | CVE-2022-24488 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important |
Windows AppX Package Manager | CVE-2022-24549 | Windows AppX Package Manager Elevation of Privilege Vulnerability | Important |
Windows Cluster Client Failover | CVE-2022-24489 | Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-24538 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-26784 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-24484 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
Windows Common Log File System Driver | CVE-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows Common Log File System Driver | CVE-2022-24481 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows Defender | CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | Important |
Windows DWM Core Library | CVE-2022-24546 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
Windows Endpoint Configuration Manager | CVE-2022-24527 | Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability | Important |
Windows Fax Compose Form | CVE-2022-26917 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
Windows Fax Compose Form | CVE-2022-26916 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
Windows Fax Compose Form | CVE-2022-26918 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
Windows Feedback Hub | CVE-2022-24479 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important |
Windows File Explorer | CVE-2022-26808 | Windows File Explorer Elevation of Privilege Vulnerability | Important |
Windows File Server | CVE-2022-26827 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important |
Windows File Server | CVE-2022-26810 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2022-24499 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2022-24530 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows iSCSI Target Service | CVE-2022-24498 | Windows iSCSI Target Service Information Disclosure Vulnerability | Important |
Windows Kerberos | CVE-2022-24545 | Windows Kerberos Remote Code Execution Vulnerability | Important |
Windows Kerberos | CVE-2022-24486 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
Windows Kerberos | CVE-2022-24544 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-24483 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Local Security Authority Subsystem Service | CVE-2022-24487 | Windows Local Security Authority (LSA) Remote Code Execution Vulnerability | Important |
Windows Local Security Authority Subsystem Service | CVE-2022-24496 | Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
Windows Media | CVE-2022-24547 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
Windows Network File System | CVE-2022-24491 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows Network File System | CVE-2022-24497 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows PowerShell | CVE-2022-26788 | PowerShell Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26789 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26787 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26786 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26796 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26790 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26803 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26802 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26794 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26795 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26797 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26798 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26791 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26801 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26792 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows RDP | CVE-2022-24533 | Remote Desktop Protocol Remote Code Execution Vulnerability | Important |
Windows Remote Procedure Call Runtime | CVE-2022-26809 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical |
Windows Remote Procedure Call Runtime | CVE-2022-24528 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
Windows Remote Procedure Call Runtime | CVE-2022-24492 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
Windows schannel | CVE-2022-26915 | Windows Secure Channel Denial of Service Vulnerability | Important |
Windows SMB | CVE-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2022-26830 | DiskUsage.exe Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2022-21983 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2022-24541 | Windows Server Service Remote Code Execution Vulnerability | Critical |
Windows SMB | CVE-2022-24500 | Windows SMB Remote Code Execution Vulnerability | Critical |
Windows SMB | CVE-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important |
Windows Telephony Server | CVE-2022-24550 | Windows Telephony Server Elevation of Privilege Vulnerability | Important |
Windows Upgrade Assistant | CVE-2022-24543 | Windows Upgrade Assistant Remote Code Execution Vulnerability | Important |
Windows User Profile Service | CVE-2022-26904 | Windows User Profile Service Elevation of Privilege Vulnerability | Important |
Windows Win32K | CVE-2022-24474 | Windows Win32k Elevation of Privilege Vulnerability | Important |
Windows Win32K | CVE-2022-26914 | Win32k Elevation of Privilege Vulnerability | Important |
Windows Win32K | CVE-2022-24542 | Windows Win32k Elevation of Privilege Vulnerability | Important |
Windows Work Folder Service | CVE-2022-26807 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
YARP reverse proxy | CVE-2022-26924 | YARP Denial of Service Vulnerability | Important |
Source: www.bleepingcomputer.com