Microsoft released its July 2022 Patch Tuesday yesterday, fixing 84 security vulnerabilities. One of them is a zero-day vulnerability that had already been used in attacks.
Four of the 84 bugs fixed are classified as “Critical”, as they allow remote code execution. The remaining 80 are considered serious.
The list below shows the categories of the vulnerabilities fixed in Microsoft's July Patch Tuesday:
- 52 elevation of privilege vulnerabilities
- 12 remote code execution vulnerabilities
- 11 information disclosure vulnerabilities
- 5 Denial of Service vulnerabilities
- 4 security feature bypass vulnerabilities
This list does not include two vulnerabilities that had previously been fixed in Microsoft Edge.
Microsoft July Patch Tuesday: Fixes a zero-day used in attacks
The zero-day fixed this month is a vulnerability that allows elevation of privilege on vulnerable systems.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited while no official fix has been released.
The zero-day vulnerability that was used in attacks and has now been fixed is tracked as “CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability”.
“An attacker who successfully exploits this vulnerability can gain SYSTEM privileges”, Microsoft explains.
“With this level of access, attackers can disable local services such as Endpoint Detection and Security tools”, Kev Breen, director of cyber threat research at Immersive Labs, told The Hacker News. “With SYSTEM access they can also deploy tools like Mimikatz, which can be used to recover even more administrator- and domain-level accounts, spreading the threat quickly”.
This vulnerability was discovered internally by the Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC).
Microsoft July 2022 Patch Tuesday: All the vulnerabilities fixed
The table below lists in detail all the vulnerabilities fixed by this month's security updates.
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
AMD CPU Branch | CVE-2022-23825 | AMD: CVE-2022-23825 AMD CPU Branch Type Confusion | Important |
AMD CPU Branch | CVE-2022-23816 | AMD: CVE-2022-23816 AMD CPU Branch Type Confusion | Important |
Azure Site Recovery | CVE-2022-33665 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33666 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33663 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33664 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33667 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33672 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33673 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33671 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33668 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33661 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33662 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33657 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33656 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33658 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33660 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33659 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33655 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33651 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33650 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33652 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33654 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33653 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33669 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33643 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-30181 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33676 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-33677 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33678 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-33642 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33674 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33675 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-33641 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Storage Library | CVE-2022-30187 | Azure Storage Library Information Disclosure Vulnerability | Important |
Microsoft Defender for Endpoint | CVE-2022-33637 | Microsoft Defender for Endpoint Tampering Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-2295 | Chromium: CVE-2022-2295 Type Confusion in V8 | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2294 | Chromium: CVE-2022-2294 Heap buffer overflow in WebRTC | Unknown |
Microsoft Graphics Component | CVE-2022-22034 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-30213 | Windows GDI+ Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-30221 | Windows Graphics Component Remote Code Execution Vulnerability | Critical |
Microsoft Office | CVE-2022-33632 | Microsoft Office Security Feature Bypass Vulnerability | Important |
Open Source Software | CVE-2022-27776 | HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data | Important |
Role: DNS Server | CVE-2022-30214 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: Windows Fax Service | CVE-2022-22024 | Windows Fax Service Remote Code Execution Vulnerability | Important |
Role: Windows Fax Service | CVE-2022-22027 | Windows Fax Service Remote Code Execution Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-30223 | Windows Hyper-V Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-22042 | Windows Hyper-V Information Disclosure Vulnerability | Important |
Skype for Business and Microsoft Lync | CVE-2022-33633 | Skype for Business and Lync Remote Code Execution Vulnerability | Important |
Windows Active Directory | CVE-2022-30215 | Active Directory Federation Services Elevation of Privilege Vulnerability | Important |
Windows Advanced Local Procedure Call | CVE-2022-30202 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability | Important |
Windows Advanced Local Procedure Call | CVE-2022-30224 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability | Important |
Windows Advanced Local Procedure Call | CVE-2022-22037 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability | Important |
Windows BitLocker | CVE-2022-22711 | Windows BitLocker Information Disclosure Vulnerability | Important |
Windows BitLocker | CVE-2022-22048 | BitLocker Security Feature Bypass Vulnerability | Important |
Windows Boot Manager | CVE-2022-30203 | Windows Boot Manager Security Feature Bypass Vulnerability | Important |
Windows Client/Server Runtime Subsystem | CVE-2022-22026 | Windows CSRSS Elevation of Privilege Vulnerability | Important |
Windows Client/Server Runtime Subsystem | CVE-2022-22049 | Windows CSRSS Elevation of Privilege Vulnerability | Important |
Windows Client/Server Runtime Subsystem | CVE-2022-22047 | Windows CSRSS Elevation of Privilege Vulnerability | Important |
Windows Connected Devices Platform Service | CVE-2022-30212 | Windows Connected Devices Platform Service Information Disclosure Vulnerability | Important |
Windows Credential Guard | CVE-2022-22031 | Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability | Important |
Windows Fast FAT Driver | CVE-2022-22043 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | Important |
Windows Fax and Scan Service | CVE-2022-22050 | Windows Fax Service Elevation of Privilege Vulnerability | Important |
Windows Group Policy | CVE-2022-30205 | Windows Group Policy Elevation of Privilege Vulnerability | Important |
Windows IIS | CVE-2022-30209 | Windows IIS Server Elevation of Privilege Vulnerability | Important |
Windows IIS | CVE-2022-22025 | Windows Internet Information Services Cachuri Module Denial of Service Vulnerability | Important |
Windows IIS | CVE-2022-22040 | Internet Information Services Dynamic Compression Module Denial of Service Vulnerability | Important |
Windows Kernel | CVE-2022-21845 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Media | CVE-2022-22045 | Windows.Devices.Picker.dll Elevation of Privilege Vulnerability | Important |
Windows Media | CVE-2022-30225 | Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability | Important |
Windows Network File System | CVE-2022-22029 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows Network File System | CVE-2022-22028 | Windows Network File System Information Disclosure Vulnerability | Important |
Windows Network File System | CVE-2022-22039 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows Performance Counters | CVE-2022-22036 | Performance Counters for Windows Elevation of Privilege Vulnerability | Important |
Windows Point-to-Point Tunneling Protocol | CVE-2022-30211 | Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | Important |
Windows Portable Device Enumerator Service | CVE-2022-22023 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-30206 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-30226 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-22022 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-22041 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Remote Procedure Call Runtime | CVE-2022-22038 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical |
Windows Security Account Manager | CVE-2022-30208 | Windows Security Account Manager (SAM) Denial of Service Vulnerability | Important |
Windows Server Service | CVE-2022-30216 | Windows Server Service Tampering Vulnerability | Important |
Windows Shell | CVE-2022-30222 | Windows Shell Remote Code Execution Vulnerability | Important |
Windows Storage | CVE-2022-30220 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
XBox | CVE-2022-33644 | Xbox Live Save Service Elevation of Privilege Vulnerability | Important |
Source: www.bleepingcomputer.com