Patch Tuesday – January 2022


The first Patch Tuesday of 2022 sees Microsoft publishing fixes for over 120 CVEs across the bulk of their product line, including 29 previously patched CVEs affecting their Edge browser via Chromium. None of these have yet been seen exploited in the wild, though six were publicly disclosed prior to today. Among the publicly disclosed issues are two Remote Code Execution (RCE) vulnerabilities in open source libraries that are bundled with more recent versions of Windows: one affecting the curl library and one affecting libarchive.

The majority of this month’s patched vulnerabilities, such as the one affecting Active Directory Domain Services, allow attackers to elevate their privileges on systems or networks where they already have a foothold.

Critical RCEs

Besides the libcurl vulnerability, several other Critical RCE vulnerabilities were also fixed. Most of these have caveats that reduce their practical severity to some degree. The worst of these is CVE-2021-21907, affecting the Windows HTTP protocol stack. Although it carries a CVSSv3 base score of 9.8 and is considered potentially “wormable” by Microsoft, similar vulnerabilities have not proven to be rampantly exploited (see the AttackerKB analysis for CVE-2021-31166).

Not quite as bad is the Office RCE, which affects all supported versions of Office as well as SharePoint Server. Exploitation would require social engineering to entice a victim to open an attachment or visit a malicious website; thankfully the Windows Preview Pane is not a vector for this attack.

The Critical Exchange Server RCE cannot be exploited directly over the public internet: attackers need to be “adjacent” to the target system in terms of network topology. This restriction also applies to the two less severe RCEs in Exchange this month.

Two further Critical RCEs affect DirectX Graphics and require local access. Another is a vulnerability in the Windows Codecs library. In most cases, systems should automatically get patched; however, some organizations may have the vulnerable codec preinstalled on their gold images while also disabling Windows Store updates, in which case the fix will not arrive on its own.

Defenders should prioritize patching servers (Exchange, SharePoint, Hyper-V, and IIS) followed by web browsers and other client software.
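As an added illustration (not code from the original post), the following Python script parses rows in the format of the summary tables below and orders them by the prioritization the post recommends: server products first, then everything else, with known exploitation, public disclosure and CVSSv3 score as tie-breakers. The keyword list, the mapping of "HTTP Protocol Stack" to the IIS tier and the sample rows are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Row format of the summary tables on this page (the CVE column was lost in extraction):
# "<Title> <Exploited> <Publicly disclosed> <CVSSv3 base | nan> <Additional FAQ>"
ROW_RE = re.compile(
    r"^(?P<title>.+?) (?P<exploited>Yes|No) (?P<disclosed>Yes|No) "
    r"(?P<cvss>\d+(?:\.\d+)?|nan) (?P<faq>Yes|No)$"
)

# Server products the post says to patch first. Treating "HTTP Protocol Stack"
# (HTTP.sys, used by IIS) as the IIS entry is an assumption of this example.
SERVER_KEYWORDS = ("Exchange Server", "SharePoint Server", "Hyper-V", "HTTP Protocol Stack")


@dataclass
class Advisory:
    title: str
    exploited: bool
    disclosed: bool
    cvss: Optional[float]  # None when the table shows "nan" (no Microsoft score)


def parse_rows(text: str) -> List[Advisory]:
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue  # headings, blank lines and the column header do not match
        cvss = None if m["cvss"] == "nan" else float(m["cvss"])
        rows.append(Advisory(m["title"], m["exploited"] == "Yes", m["disclosed"] == "Yes", cvss))
    return rows


def tier(a: Advisory) -> int:
    return 0 if any(k in a.title for k in SERVER_KEYWORDS) else 1


def prioritize(rows: List[Advisory]) -> List[Advisory]:
    # Servers first; within a tier: exploited, then publicly disclosed, then highest CVSS.
    # Unscored rows (None) sort after every scored row within the same tier.
    return sorted(rows, key=lambda a: (tier(a), not a.exploited, not a.disclosed,
                                       -(a.cvss if a.cvss is not None else -1.0)))


# Constructed sample: rows copied in the format of the page's tables.
SAMPLE = """\
CVE Title Exploited Publicly disclosed CVSSv3 base Additional FAQ
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability No No 4.2 Yes
Chromium: CVE-2022-0102 Type Confusion in V8 No No nan Yes
Microsoft Exchange Server Remote Code Execution Vulnerability No No 9 Yes
Open Source Curl Remote Code Execution Vulnerability No Yes nan Yes
HTTP Protocol Stack Remote Code Execution Vulnerability No No 9.8 Yes
Windows User Profile Service Elevation of Privilege Vulnerability No Yes 7 No
"""
```

Calling `prioritize(parse_rows(SAMPLE))` on the sample yields the HTTP Protocol Stack and Exchange rows first, followed by the publicly disclosed client-side issues and then the remaining browser rows.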

Summary charts

(The four summary chart images from the original post are not reproduced here.)

Summary tables

Browser vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 4.2 | Yes |
| | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 4.2 | Yes |
| | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | No | No | 2.5 | Yes |
| | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 6.1 | Yes |
| | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 6.1 | Yes |
| | Chromium: CVE-2022-0120 Inappropriate implementation in Passwords | No | No | N/A | Yes |
| | Chromium: CVE-2022-0118 Inappropriate implementation in WebShare | No | No | N/A | Yes |
| | Chromium: CVE-2022-0117 Policy bypass in Service Workers | No | No | N/A | Yes |
| | Chromium: CVE-2022-0116 Inappropriate implementation in Compositing | No | No | N/A | Yes |
| | Chromium: CVE-2022-0115 Uninitialized Use in File API | No | No | N/A | Yes |
| | Chromium: CVE-2022-0114 Out of bounds memory access in Web Serial | No | No | N/A | Yes |
| | Chromium: CVE-2022-0113 Inappropriate implementation in Blink | No | No | N/A | Yes |
| | Chromium: CVE-2022-0112 Incorrect security UI in Browser UI | No | No | N/A | Yes |
| | Chromium: CVE-2022-0111 Inappropriate implementation in Navigation | No | No | N/A | Yes |
| | Chromium: CVE-2022-0110 Incorrect security UI in Autofill | No | No | N/A | Yes |
| | Chromium: CVE-2022-0109 Inappropriate implementation in Autofill | No | No | N/A | Yes |
| | Chromium: CVE-2022-0108 Inappropriate implementation in Navigation | No | No | N/A | Yes |
| | Chromium: CVE-2022-0107 Use after free in File Manager API | No | No | N/A | Yes |
| | Chromium: CVE-2022-0106 Use after free in Autofill | No | No | N/A | Yes |
| | Chromium: CVE-2022-0105 Use after free in PDF | No | No | N/A | Yes |
| | Chromium: CVE-2022-0104 Heap buffer overflow in ANGLE | No | No | N/A | Yes |
| | Chromium: CVE-2022-0103 Use after free in SwiftShader | No | No | N/A | Yes |
| | Chromium: CVE-2022-0102 Type Confusion in V8 | No | No | N/A | Yes |
| | Chromium: CVE-2022-0101 Heap buffer overflow in Bookmarks | No | No | N/A | Yes |
| | Chromium: CVE-2022-0100 Heap buffer overflow in Media streams API | No | No | N/A | Yes |
| | Chromium: CVE-2022-0099 Use after free in Sign-in | No | No | N/A | Yes |
| | Chromium: CVE-2022-0098 Use after free in Screen Capture | No | No | N/A | Yes |
| | Chromium: CVE-2022-0097 Inappropriate implementation in DevTools | No | No | N/A | Yes |
| | Chromium: CVE-2022-0096 Use after free in Storage | No | No | N/A | Yes |

Developer Tools vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | .NET Framework Denial of Service Vulnerability | No | No | 7.5 | No |

ESU Windows vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | Workstation Service Remote Protocol Security Feature Bypass Vulnerability | No | No | 5.3 | No |
| | Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows User Profile Service Elevation of Privilege Vulnerability | No | Yes | 7 | No |
| | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 8.8 | Yes |
| | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows IKE Extension Denial of Service Vulnerability | No | No | 7.5 | Yes |
| | Windows IKE Extension Denial of Service Vulnerability | No | No | 7.5 | Yes |
| | Windows IKE Extension Denial of Service Vulnerability | No | No | 7.5 | Yes |
| | Windows IKE Extension Denial of Service Vulnerability | No | No | 7.5 | Yes |
| | Windows IKE Extension Denial of Service Vulnerability | No | No | 7.5 | Yes |
| | Windows Hyper-V Security Feature Bypass Vulnerability | No | No | 4.6 | Yes |
| | Windows Hyper-V Security Feature Bypass Vulnerability | No | No | 4.6 | Yes |
| | Windows GDI+ Information Disclosure Vulnerability | No | No | 7.5 | Yes |
| | Windows GDI+ Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| | Windows GDI Information Disclosure Vulnerability | No | No | 7.5 | Yes |
| | Windows GDI Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability | No | No | 5.5 | No |
| | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows Cleanup Manager Elevation of Privilege Vulnerability | No | No | 5.5 | Yes |
| | Windows Certificate Spoofing Vulnerability | No | Yes | 7.8 | Yes |
| | Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability | No | No | 5.3 | No |
| | Windows Application Model Core API Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Accounts Control Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Virtual Machine IDE Drive Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| | Remote Desktop Protocol Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| | Remote Desktop Client Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| | Remote Desktop Client Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass | No | No | 5.3 | No |
| | Active Directory Domain Services Elevation of Privilege Vulnerability | No | No | 8.8 | Yes |

Exchange Server vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes |
| | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes |
| | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 9 | Yes |

Microsoft Dynamics vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | No | No | 7.6 | No |
| | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | No | No | 7.6 | No |

Microsoft Office vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.3 | Yes |
| | Microsoft Office Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |

Windows vulnerabilities

| CVE | Title | Exploited | Publicly disclosed | CVSSv3 base | Additional FAQ |
|---|---|---|---|---|---|
| | Windows User Profile Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows UI Immersive Server API Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows System Launcher Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Storage Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows StateRepository API Server file Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Security Center API Remote Code Execution Vulnerability | No | Yes | 7.8 | No |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.8 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.8 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.8 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.8 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.8 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.8 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.4 | Yes |
| | Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | No | No | 6.3 | Yes |
| | Windows Push Notifications Apps Elevation Of Privilege Vulnerability | No | No | 7 | No |
| | Windows Modern Execution Server Remote Code Execution Vulnerability | No | No | 7.8 | No |
| | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Kernel Elevation of Privilege Vulnerability | No | No | 5.5 | No |
| | Windows IKE Extension Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| | Windows Hyper-V Elevation of Privilege Vulnerability | No | No | 9 | Yes |
| | Windows Hyper-V Denial of Service Vulnerability | No | No | 6.5 | No |
| | Windows Geolocation Service Remote Code Execution Vulnerability | No | No | 7.8 | No |
| | Windows Event Tracing Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability | No | Yes | 6.1 | No |
| | Windows Devices Human Interface Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Defender Credential Guard Security Feature Bypass Vulnerability | No | No | 4.4 | No |
| | Windows Defender Application Control Security Feature Bypass Vulnerability | No | No | 5.5 | No |
| | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Windows Bind Filter Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Windows AppContracts API Server Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Win32k Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| | Win32k Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| | Win32k Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| | Tile Data Repository Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Task Flow Data Engine Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Storage Spaces Controller Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| | Secure Boot Security Feature Bypass Vulnerability | No | No | 4.4 | No |
| | Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| | Open Source Curl Remote Code Execution Vulnerability | No | Yes | N/A | Yes |
| | Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Microsoft Cluster Port Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| | Libarchive Remote Code Execution Vulnerability | No | Yes | N/A | Yes |
| | HTTP Protocol Stack Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| | DirectX Graphics Kernel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| | DirectX Graphics Kernel Remote Code Execution Vulnerability | No | No | 7.8 | No |
| | DirectX Graphics Kernel File Denial of Service Vulnerability | No | No | 6.5 | No |
| | Connected Devices Platform Service Elevation of Privilege Vulnerability | No | No | 7 | No |
| | Clipboard User Service Elevation of Privilege Vulnerability | No | No | 7 | No |
