This month we got patches for 86 vulnerabilities. Of these, 4 are critical, none previously disclosed, and one is being exploited according to Microsoft.
The zero-day is an elevation of privilege affecting Windows CSRSS (CVE-2022-22047). The CSRSS (Client Server Run-Time Subsystem) is the user-mode process that controls the underlying layer for the Windows environment. According to the advisory, “an attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” The advisory also says that the attack complexity is low, the privileges required are low and no user interaction is required. The CVSS for this vulnerability is 7.8.
There is another important elevation of privilege affecting Windows CSRSS (CVE-2022-22026). As per the advisory, this is similar to the already exploited vulnerability in terms of attack vector, attack complexity, privileges required, and user interaction. However, the CVSS score is higher: 8.8 – the highest for this month.
The same CVSS score was given to the remote code execution (RCE) vulnerability in Windows Graphics Component (CVE-2022-30221) affecting different Windows products including Remote Desktop Client. To exploit this vulnerability “an attacker would have to convince a targeted user to connect to a malicious RDP server. Upon connecting, the malicious server could execute code on the victim’s system in the context of the targeted user.”
There is also a critical tampering vulnerability with exploitability tagged as “More Likely” affecting Windows Server Service (CVE-2022-30216). The attack vector is network, the attack complexity and privileges required are low and it requires no user i ..
Support the originator by clicking the read the rest link below.
