Microsoft April 2022 Patch Tuesday fixes 119 flaws, 2 zero-days
Today is Microsoft’s April 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of 119 flaws.
Microsoft has fixed 119 vulnerabilities (not including 26 Microsoft Edge vulnerabilities) with today’s update, with ten classified as Critical as they allow remote code execution.
Also Read: Cybersecurity Singapore: The nation’s approach to protecting its cybersecurity
The number of bugs in each vulnerability category is listed below:
- 47 Elevation of Privilege Vulnerabilities
- 0 Security Feature Bypass Vulnerabilities
- 47 Remote Code Execution Vulnerabilities
- 13 Information Disclosure Vulnerabilities
- 9 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
- 26 Edge – Chromium Vulnerabilities
For information about the non-security Windows updates, you can read about today’s Windows 10 KB5012599 and KB5012591 updates and the Windows 11 KB5012592 update.
Two zero-days fixed, one actively exploited
This month’s Patch Tuesday includes fixes for two zero-day vulnerabilities, one publicly disclosed and the other actively exploited in attacks.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The actively exploited zero-day vulnerability fixed today is a bug that security researcher Abdelhamid Naceri discovered that Microsoft previously tried to fix twice after new patch bypasses were discovered.
- CVE-2022-26904 – Windows User Profile Service Elevation of Privilege Vulnerability
The publicly exposed zero-day is a privilege elevation bug discovered by CrowdStrike and the US National Security Agency (NSA).
- CVE-2022-24521 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
Now that Microsoft has issued patches for these vulnerabilities, it should be expected for threat actors to analyze the vulnerabilities to learn how to exploit them.
Therefore, it is strongly advised to install today’s security updates as soon as possible.
Also Read: Knowing the basics of cybersecurity
Recent updates from other companies
Other vendors who released updates in April 2022 include:
- Adobe released security updates for Adobe Reader, Acrobat, Photoshop, Commerce, and After Effects.
- Google released Android’s April security updates.
- Cisco released security updates for numerous products this month.
- VMware released security updates for multiple products.
The April 2022 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities and released advisories in the April 2022 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Framework | CVE-2022-26832 | .NET Framework Denial of Service Vulnerability | Important |
| Active Directory Domain Services | CVE-2022-26814 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Active Directory Domain Services | CVE-2022-26817 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Azure SDK | CVE-2022-26907 | Azure SDK for .NET Information Disclosure Vulnerability | Important |
| Azure Site Recovery | CVE-2022-26898 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
| Azure Site Recovery | CVE-2022-26897 | Azure Site Recovery Information Disclosure Vulnerability | Important |
| Azure Site Recovery | CVE-2022-26896 | Azure Site Recovery Information Disclosure Vulnerability | Important |
| LDAP – Lightweight Directory Access Protocol | CVE-2022-26831 | Windows LDAP Denial of Service Vulnerability | Important |
| LDAP – Lightweight Directory Access Protocol | CVE-2022-26919 | Windows LDAP Remote Code Execution Vulnerability | Critical |
| Microsoft Bluetooth Driver | CVE-2022-26828 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important |
| Microsoft Dynamics | CVE-2022-23259 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical |
| Microsoft Edge (Chromium-based) | CVE-2022-26909 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2022-1139 | Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-26912 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2022-26908 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-1146 | Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-26895 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-26900 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-26894 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-1232 | Chromium: CVE-2022-1232 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-26891 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-1125 | Chromium: CVE-2022-1125 Use after free in Portals | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1136 | Chromium: CVE-2022-1136 Use after free in Tab Strip | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-24475 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-1145 | Chromium: CVE-2022-1145 Use after free in Extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1135 | Chromium: CVE-2022-1135 Use after free in Shopping Cart | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1138 | Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1143 | Chromium: CVE-2022-1143 Heap buffer overflow in WebUI | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-24523 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2022-1137 | Chromium: CVE-2022-1137 Inappropriate implementation in Extensions | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1134 | Chromium: CVE-2022-1134 Type Confusion in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1127 | Chromium: CVE-2022-1127 Use after free in QR Code Generator | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1128 | Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1133 | Chromium: CVE-2022-1133 Use after free in WebRTC | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1130 | Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1129 | Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-1131 | Chromium: CVE-2022-1131 Use after free in Cast UI | Unknown |
| Microsoft Graphics Component | CVE-2022-26920 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-26903 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
| Microsoft Local Security Authority Server (lsasrv) | CVE-2022-24493 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | Important |
| Microsoft Office Excel | CVE-2022-24473 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2022-26901 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-24472 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
| Microsoft Windows ALPC | CVE-2022-24482 | Windows ALPC Elevation of Privilege Vulnerability | Important |
| Microsoft Windows ALPC | CVE-2022-24540 | Windows ALPC Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2022-24532 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
| Microsoft Windows Media Foundation | CVE-2022-24495 | Windows Direct Show – Remote Code Execution Vulnerability | Important |
| Power BI | CVE-2022-23292 | Microsoft Power BI Spoofing Vulnerability | Important |
| Role: DNS Server | CVE-2022-26815 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26816 | Windows DNS Server Information Disclosure Vulnerability | Important |
| Role: DNS Server | CVE-2022-24536 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26824 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26823 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26822 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26829 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26826 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26825 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26821 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26820 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26813 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26818 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26819 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26811 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: DNS Server | CVE-2022-26812 | Windows DNS Server Remote Code Execution Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-22008 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Role: Windows Hyper-V | CVE-2022-24490 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-24539 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-26785 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-26783 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-24537 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Role: Windows Hyper-V | CVE-2022-23268 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-23257 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| Role: Windows Hyper-V | CVE-2022-22009 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
| Skype for Business | CVE-2022-26911 | Skype for Business Information Disclosure Vulnerability | Important |
| Skype for Business | CVE-2022-26910 | Skype for Business and Lync Spoofing Vulnerability | Important |
| Visual Studio | CVE-2022-24767 | GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account | Important |
| Visual Studio | CVE-2022-24765 | GitHub: Uncontrolled search for the Git directory in Git for Windows | Important |
| Visual Studio | CVE-2022-24513 | Visual Studio Elevation of Privilege Vulnerability | Important |
| Visual Studio Code | CVE-2022-26921 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Windows Ancillary Function Driver for WinSock | CVE-2022-24494 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| Windows App Store | CVE-2022-24488 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important |
| Windows AppX Package Manager | CVE-2022-24549 | Windows AppX Package Manager Elevation of Privilege Vulnerability | Important |
| Windows Cluster Client Failover | CVE-2022-24489 | Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-24538 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-26784 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-24484 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2022-24481 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Defender | CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | Important |
| Windows DWM Core Library | CVE-2022-24546 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Endpoint Configuration Manager | CVE-2022-24527 | Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability | Important |
| Windows Fax Compose Form | CVE-2022-26917 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
| Windows Fax Compose Form | CVE-2022-26916 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
| Windows Fax Compose Form | CVE-2022-26918 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
| Windows Feedback Hub | CVE-2022-24479 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important |
| Windows File Explorer | CVE-2022-26808 | Windows File Explorer Elevation of Privilege Vulnerability | Important |
| Windows File Server | CVE-2022-26827 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important |
| Windows File Server | CVE-2022-26810 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2022-24499 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows Installer | CVE-2022-24530 | Windows Installer Elevation of Privilege Vulnerability | Important |
| Windows iSCSI Target Service | CVE-2022-24498 | Windows iSCSI Target Service Information Disclosure Vulnerability | Important |
| Windows Kerberos | CVE-2022-24545 | Windows Kerberos Remote Code Execution Vulnerability | Important |
| Windows Kerberos | CVE-2022-24486 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2022-24544 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-24483 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Local Security Authority Subsystem Service | CVE-2022-24487 | Windows Local Security Authority (LSA) Remote Code Execution Vulnerability | Important |
| Windows Local Security Authority Subsystem Service | CVE-2022-24496 | Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
| Windows Media | CVE-2022-24547 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
| Windows Network File System | CVE-2022-24491 | Windows Network File System Remote Code Execution Vulnerability | Critical |
| Windows Network File System | CVE-2022-24497 | Windows Network File System Remote Code Execution Vulnerability | Critical |
| Windows PowerShell | CVE-2022-26788 | PowerShell Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26789 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26787 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26786 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26796 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26790 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26803 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26802 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26794 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26795 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26797 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26798 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26791 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26801 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-26792 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows RDP | CVE-2022-24533 | Remote Desktop Protocol Remote Code Execution Vulnerability | Important |
| Windows Remote Procedure Call Runtime | CVE-2022-26809 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical |
| Windows Remote Procedure Call Runtime | CVE-2022-24528 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
| Windows Remote Procedure Call Runtime | CVE-2022-24492 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
| Windows schannel | CVE-2022-26915 | Windows Secure Channel Denial of Service Vulnerability | Important |
| Windows SMB | CVE-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | Important |
| Windows SMB | CVE-2022-26830 | DiskUsage.exe Remote Code Execution Vulnerability | Important |
| Windows SMB | CVE-2022-21983 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important |
| Windows SMB | CVE-2022-24541 | Windows Server Service Remote Code Execution Vulnerability | Critical |
| Windows SMB | CVE-2022-24500 | Windows SMB Remote Code Execution Vulnerability | Critical |
| Windows SMB | CVE-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important |
| Windows Telephony Server | CVE-2022-24550 | Windows Telephony Server Elevation of Privilege Vulnerability | Important |
| Windows Upgrade Assistant | CVE-2022-24543 | Windows Upgrade Assistant Remote Code Execution Vulnerability | Important |
| Windows User Profile Service | CVE-2022-26904 | Windows User Profile Service Elevation of Privilege Vulnerability | Important |
| Windows Win32K | CVE-2022-24474 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Windows Win32K | CVE-2022-26914 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows Win32K | CVE-2022-24542 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Windows Work Folder Service | CVE-2022-26807 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
| YARP reverse proxy | CVE-2022-26924 | YARP Denial of Service Vulnerability | Important |
0 Comments