Security News > 2022 > March > March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server
Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three previously unknown "Critical" ones and three "Important" ones that were already public.
"If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client," says Dustin Childs, with Trend Micro's Zero Day Initiative.
Among the critical vulnerabilities, a RCE in Microsoft Exchange Server also deserves immediate attention.
CVE-2022-22006 and CVE-2022-24501, two RCEs in the HEVC and VP9 Video Extensions might be critical because of their effect, but the updates for the apps are pushed automatically by the Microsoft Store, so customers needn't worry about patching those - if they haven't disabled automatic updates for the Microsoft Store, that is.
CVE-2022-24508, a Windows SMBv3 Client/Server RCE vulnerability, "Also seems to be one to watch out for, especially as Microsoft has marked it 'exploitation more likely' and provided additional mitigations," says Kevin Breen, Director of Cyber Threat Research at Immersive Labs.
Finally, CVE-2022-23278, a spoofing vulnerability affecting Microsoft Defender for Endpoint for all platforms, deserves a special mention even though attackers must gather information specific to the environment of the targeted component before being able to exploit it.
News URL
https://www.helpnetsecurity.com/2022/03/08/march-2022-patch-tuesday/
Related news
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-09 | CVE-2022-24508 | Unspecified vulnerability in Microsoft products Win32 File Enumeration Remote Code Execution Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-24501 | Unspecified vulnerability in Microsoft VP9 Video Extensions VP9 Video Extensions Remote Code Execution Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-23278 | Unspecified vulnerability in Microsoft products Microsoft Defender for Endpoint Spoofing Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-22006 | Out-of-bounds Write vulnerability in Microsoft Hevc Video Extensions HEVC Video Extensions Remote Code Execution Vulnerability | 0.0 |