
Microsoft patches a critical remote-code-execution flaw in Exchange Server, among others. Microsoft has addressed 71 security flaws, including 3 critical remote code execution vulnerabilities.

The three critical RCEs, including the one in Microsoft Exchange Server, have been labeled as follows:

According to Redmond, CVE-2022-23277 can be exploited by an authenticated user to “trigger malicious code in the context of the server’s account through a network call.” CVE-2022-24501 exists in the VP9 Video Extensions app available on the Microsoft Store. Bad actors can exploit it by convincing a user to open a malicious video file. Once the file is opened, code stashed within the footage executes on the victim’s machine. CVE-2022-22006, on the other hand, is an HEVC Video Extensions remote code execution vulnerability and can be exploited similarly. Microsoft will automatically push updates and patches for this software.

Microsoft has also issued patches for several other products, including Office, Windows, Internet Explorer, Defender, and Azure Site Recovery.

The other vulnerabilities highlighted by Dustin Childs at the Zero Day Initiative include:

  • CVE-2022-21990: The vulnerability allows bad actors to hijack a PC via its RDP client when it connects to a malicious server.
  • CVE-2022-24508: The vulnerability can be exploited remotely to gain access and execute malicious code on Windows 10 version 2004 and newer systems via SMBv3.
  • CVE-2022-24512: A vulnerability present in .NET and Visual Studio; details of the bug are public.
  • CVE-2022-24459: One of a ton of elevation-of-privilege flaws, this one in the Windows Fax and Scan Service, details of which are public.
  • CVE-2022-21967: A flaw present in the Xbox Live Auth Manager for Windows.
  • CVE-2022-23266: A flaw present in Defender for IoT (which also has an RCE, CVE-2022-23265).

Users are advised to implement Microsoft’s patches as required and deploy them as soon as possible to stay protected. 
