Security News > 2022 > July > Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)
The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation of privilege bug in Windows' Client/Server Runtime Subsystem.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft noted, but the attacker must first gain access to the system, usually by exploiting a separate code execution bug.
Dustin Childs, with Trend Micro's Zero Day Initiative, says that CVE-2022-30216, a "Tampering" vulnerability in the Windows Server Service that may allow an authenticated attacker to upload a malicious certificate to a target server, should be patched quickly on critical servers.
Exploitation of CVE-2022-22029, a RCE in the Windows NFS service, and CVE-2022-22038, a Microsoft Remote Procedure Call runtime RCE, doesn't hinge on the attacker being authenticated nor on user interaction.
Finally, it has to be mentioned that this Patch Tuesday is when Microsoft enterprise customers who opted for using Windows Autopatch will start testing the automated managed patching service.
"Because the Autopatch service has such a broad footprint, and pushes updates around the clock, we are able to detect potential issues among an incredibly diverse array of hardware and software configurations. This means that an issue that may have an impact on your portfolio could be detected and resolved before ever reaching your estate. And as the service expands and grows, the ability to detect issues will get more robust," noted Lior Bela, Senior Product Marketing Manager for Microsoft Managed Desktop and Windows Autopatch on the Microsoft 365 team.
News URL
https://www.helpnetsecurity.com/2022/07/12/cve-2022-22047/
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-30216 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products Windows Server Service Tampering Vulnerability | 0.0 |
| 2022-07-12 | CVE-2022-22047 | Untrusted Search Path vulnerability in Microsoft products Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 0.0 |
| 2022-07-12 | CVE-2022-22038 | Unspecified vulnerability in Microsoft products Remote Procedure Call Runtime Remote Code Execution Vulnerability | 0.0 |
| 2022-07-12 | CVE-2022-22029 | Unspecified vulnerability in Microsoft products Windows Network File System Remote Code Execution Vulnerability | 0.0 |