Security News > 2022 > March > March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server
Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three previously unknown "Critical" ones and three "Important" ones that were already public.
"If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client," says Dustin Childs, with Trend Micro's Zero Day Initiative.
Among the critical vulnerabilities, a RCE in Microsoft Exchange Server also deserves immediate attention.
CVE-2022-22006 and CVE-2022-24501, two RCEs in the HEVC and VP9 Video Extensions might be critical because of their effect, but the updates for the apps are pushed automatically by the Microsoft Store, so customers needn't worry about patching those - if they haven't disabled automatic updates for the Microsoft Store, that is.
CVE-2022-24508, a Windows SMBv3 Client/Server RCE vulnerability, "Also seems to be one to watch out for, especially as Microsoft has marked it 'exploitation more likely' and provided additional mitigations," says Kevin Breen, Director of Cyber Threat Research at Immersive Labs.
Finally, CVE-2022-23278, a spoofing vulnerability affecting Microsoft Defender for Endpoint for all platforms, deserves a special mention even though attackers must gather information specific to the environment of the targeted component before being able to exploit it.
News URL
https://www.helpnetsecurity.com/2022/03/08/march-2022-patch-tuesday/
Related news
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)
- Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft investigates global Exchange Admin Center outage (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-09 | CVE-2022-24508 | Unspecified vulnerability in Microsoft products Win32 File Enumeration Remote Code Execution Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-24501 | Unspecified vulnerability in Microsoft VP9 Video Extensions VP9 Video Extensions Remote Code Execution Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-23278 | Unspecified vulnerability in Microsoft products Microsoft Defender for Endpoint Spoofing Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-22006 | Out-of-bounds Write vulnerability in Microsoft Hevc Video Extensions HEVC Video Extensions Remote Code Execution Vulnerability | 0.0 |