March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server
Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three rated "Critical" that were not previously public and three rated "Important" that had already been publicly disclosed.
The Remote Desktop client RCE is the one to prioritise first, because the victim does nothing more than open a connection. "If an attacker can lure an affected RDP client to connect to their RDP server, the attacker could trigger code execution on the targeted client," says Dustin Childs, with Trend Micro's Zero Day Initiative.
Among the critical vulnerabilities, an RCE in Microsoft Exchange Server also deserves immediate attention.
CVE-2022-22006 and CVE-2022-24501, two RCEs in the HEVC and VP9 Video Extensions, are rated Critical because of their impact, but the fixed versions of these apps are pushed automatically by the Microsoft Store, so customers need not patch them by hand. That holds only where automatic updates for the Microsoft Store have not been disabled; on machines where they have been (a common policy setting on managed fleets), the extensions stay vulnerable until someone updates them.
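A quick way to verify the condition the previous paragraph hinges on, written for this page as an added example (it is not code from the Help Net Security article or from Microsoft): list the installed HEVC and VP9 Video Extensions packages for every user profile and check whether Store auto-updates have been switched off by policy. The package name patterns, the registry key and the meaning of its `AutoDownload` value (2 = updates turned off by the "Turn off Automatic Download and Install of updates" policy) are assumptions about how Windows stores that setting; the minimum fixed versions are deliberately not hard-coded and should be taken from the MSRC advisories for the two CVEs.

```powershell
# Added example; not from the article or from Microsoft. Run from an
# elevated PowerShell session on the Windows host being checked.

function Get-VideoExtensionPatchState {
    param(
        # Optional: minimum fixed versions keyed by package-name prefix, e.g.
        # @{ 'Microsoft.HEVCVideoExtension' = '1.0.0.0' }. Take the real
        # values from the CVE-2022-22006 / CVE-2022-24501 advisories; no
        # fixed version is assumed here.
        [hashtable]$MinimumVersion = @{}
    )

    # Assumption: both the Store and the "from Device Manufacturer" variants
    # share these name prefixes, so wildcards catch either packaging.
    $patterns = 'Microsoft.HEVCVideoExtension*', 'Microsoft.VP9VideoExtensions*'
    $packages = foreach ($p in $patterns) { Get-AppxPackage -AllUsers -Name $p }

    foreach ($pkg in $packages) {
        $installed = [version]$pkg.Version
        $required  = $null
        foreach ($key in $MinimumVersion.Keys) {
            if ($pkg.Name -like "$key*") { $required = [version]$MinimumVersion[$key] }
        }

        if ($null -eq $required)          { $status = 'unknown (no minimum given)' }
        elseif ($installed -ge $required) { $status = 'patched' }
        else                              { $status = 'OUTDATED' }

        [pscustomobject]@{
            Package   = $pkg.Name
            Installed = $installed
            Required  = $required
            Status    = $status
            # -AllUsers exposes per-user install state; a package staged for
            # one profile but stale in another still needs attention.
            Users     = ($pkg.PackageUserInformation | ForEach-Object { $_.UserSecurityId.Username }) -join ','
        }
    }
}

function Test-StoreAutoUpdateDisabled {
    # Assumption: the machine policy "Turn off Automatic Download and Install
    # of updates" writes AutoDownload = 2 here; 4 or no value means updates
    # stay on. Missing key => policy not set => auto-updates enabled.
    $key   = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore'
    $value = (Get-ItemProperty -Path $key -Name AutoDownload -ErrorAction SilentlyContinue).AutoDownload
    return ($value -eq 2)
}

# Usage: report what is installed, then flag the case the article warns about.
Get-VideoExtensionPatchState | Format-Table -AutoSize
if (Test-StoreAutoUpdateDisabled) {
    Write-Warning 'Microsoft Store auto-updates are disabled by policy: the HEVC/VP9 fixes will not arrive on their own.'
}
```

Pass `-MinimumVersion` once the fixed build numbers are known and the Status column turns into a pass/fail; without it the script still shows which profiles carry which version, which is usually enough to spot a machine that has been sitting behind a disabled Store.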
CVE-2022-24508, a Windows SMBv3 Client/Server RCE vulnerability, "also seems to be one to watch out for, especially as Microsoft has marked it 'exploitation more likely' and provided additional mitigations," says Kevin Breen, Director of Cyber Threat Research at Immersive Labs.
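The article does not spell out what those additional mitigations are, so the following does not claim to reproduce them. It is an added example, not from the article or from Microsoft's advisory, of the generic exposure check a practitioner runs for any SMBv3 client/server bug while waiting for the patch to roll out: find enabled inbound Windows Firewall rules that allow TCP 445 from any remote address, and optionally add a rule that blocks SMB from non-local sources. The rule name is an invented label; the `Internet` remote-address keyword and the cmdlet names are from the NetSecurity module as it ships with Windows.

```powershell
# Added example; not from the article or Microsoft. Run elevated.

function Get-OpenSmbInboundRules {
    # Enabled inbound allow rules whose port filter covers TCP 445 and whose
    # address filter accepts any remote address. Each rule object is piped to
    # its own port and address filters, so this is slow but accurate.
    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        Where-Object {
            $port = $_ | Get-NetFirewallPortFilter
            $addr = $_ | Get-NetFirewallAddressFilter
            ($port.Protocol -eq 'TCP') -and
            (@($port.LocalPort) -contains '445' -or @($port.LocalPort) -contains 'Any') -and
            (@($addr.RemoteAddress) -contains 'Any')
        } |
        Select-Object DisplayName, Profile, Group
}

function Add-SmbNonLocalBlockRule {
    # Block rules win over allow rules in Windows Firewall, so this rule
    # overrides the built-in "File and Printer Sharing (SMB-In)" allow for
    # traffic that does not come from the local subnet / intranet. The
    # 'Internet' keyword is the firewall's own name for that address set.
    $name = 'Block inbound SMB (TCP 445) from non-local addresses'   # invented label
    if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $name -Direction Inbound -Action Block `
            -Protocol TCP -LocalPort 445 -RemoteAddress Internet -Profile Any | Out-Null
    }
    Get-NetFirewallRule -DisplayName $name
}

# Usage: audit first; only add the block rule where SMB from outside the
# local network is genuinely not needed (file servers for remote sites are
# the usual exception).
$open = Get-OpenSmbInboundRules
if ($open) {
    Write-Warning "Inbound TCP 445 is allowed from any address by $(@($open).Count) rule(s):"
    $open | Format-Table -AutoSize
} else {
    Write-Host 'No enabled inbound allow rule exposes TCP 445 to arbitrary remote addresses.'
}
# Add-SmbNonLocalBlockRule   # uncomment after reviewing the audit output
```

The audit is deliberately separate from the change: blocking 445 on a domain member without checking who talks to it breaks file shares and, on a domain controller, SYSVOL, so the block rule is left as an explicit opt-in at the end.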
Finally, CVE-2022-23278, a spoofing vulnerability affecting Microsoft Defender for Endpoint on all platforms, deserves a special mention even though an attacker must first gather environment-specific information about the targeted component before being able to exploit it.
News URL
https://www.helpnetsecurity.com/2022/03/08/march-2022-patch-tuesday/
Related vulnerabilities
DATE | CVE | VULNERABILITY TITLE | TYPE
---|---|---|---
2022-03-09 | CVE-2022-24508 | Win32 File Enumeration Remote Code Execution Vulnerability (the title carried by the source feed; the article above describes this CVE as the Windows SMBv3 Client/Server RCE) | unspecified
2022-03-09 | CVE-2022-24501 | VP9 Video Extensions Remote Code Execution Vulnerability | unspecified
2022-03-09 | CVE-2022-23278 | Microsoft Defender for Endpoint Spoofing Vulnerability | unspecified
2022-03-09 | CVE-2022-22006 | HEVC Video Extensions Remote Code Execution Vulnerability | out-of-bounds write