Microsoft Patches Two Zero-Day Vulnerabilities
Each month, Microsoft releases a big security update known as “Patch Tuesday.” As the name implies, the update comes on the second Tuesday of each month, fixing any security vulnerabilities the company found since the previous Patch Tuesday update. This past Tuesday’s patch was notable, since the company fixed two zero-days among other critical vulnerabilities.
The patch fixes 49 vulnerabilities in total. According to Bleeping Computer, six of these vulnerabilities are rated as “Critical,” meaning they are of upmost importance to patch:
- CVE-2022-41127 – Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
- CVE-2022-44690 – Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2022-44693 – Microsoft SharePoint Server Remote Code Execution Vulnerability
- CVE-2022-41076 – PowerShell Remote Code Execution Vulnerability
- CVE-2022-44670 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
- CVE-2022-44676 – Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
However, these critical vulnerabilities aren’t the most severe issues. While it’s important you patch these issues on your system, the two zero-days Microsoft’s update patches are more important. Zero-days are vulnerabilities the developer previously weren’t aware of, which makes them dangerous. If someone discovers an exploit for these zero-days before the developers do, there’s no telling how long users are sitting targets for.
Unfortunately, one of these zero-days has an active exploit. It’s being tracked as CVE-2022-44698, relating to a security bypass problem in Windows SmartScreen. It’s being used to spread QBot and Magniber ransomware, a particularly nasty form of malware that holds the victim’s system hostage.
The other zero-day here is tracked as CVE-2022-44710, and is a DirectX Graphics kernel privilege escalation vulnerability. If exploited, it could allow a hacker to gain system privileges to your network.