Security News > 2022 > March > March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server
Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three previously unknown "Critical" ones and three "Important" ones that were already public.
"If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client," says Dustin Childs, with Trend Micro's Zero Day Initiative.
Among the critical vulnerabilities, a RCE in Microsoft Exchange Server also deserves immediate attention.
CVE-2022-22006 and CVE-2022-24501, two RCEs in the HEVC and VP9 Video Extensions might be critical because of their effect, but the updates for the apps are pushed automatically by the Microsoft Store, so customers needn't worry about patching those - if they haven't disabled automatic updates for the Microsoft Store, that is.
CVE-2022-24508, a Windows SMBv3 Client/Server RCE vulnerability, "Also seems to be one to watch out for, especially as Microsoft has marked it 'exploitation more likely' and provided additional mitigations," says Kevin Breen, Director of Cyber Threat Research at Immersive Labs.
Finally, CVE-2022-23278, a spoofing vulnerability affecting Microsoft Defender for Endpoint for all platforms, deserves a special mention even though attackers must gather information specific to the environment of the targeted component before being able to exploit it.
News URL
https://www.helpnetsecurity.com/2022/03/08/march-2022-patch-tuesday/
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-09 | CVE-2022-24508 | Unspecified vulnerability in Microsoft products Win32 File Enumeration Remote Code Execution Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-24501 | Unspecified vulnerability in Microsoft VP9 Video Extensions VP9 Video Extensions Remote Code Execution Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-23278 | Unspecified vulnerability in Microsoft products Microsoft Defender for Endpoint Spoofing Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-22006 | Out-of-bounds Write vulnerability in Microsoft Hevc Video Extensions HEVC Video Extensions Remote Code Execution Vulnerability | 0.0 |