Microsoft May Patch Tuesday Fixes Actively Exploited Vulnerability
Microsoft’s Patch Tuesday this month addresses 74 security flaws, including seven high-risk vulnerabilities, 66 important ones, and one flagged as low severity.
Security experts noticed at least one of the patched flaws was under active attack using public exploit codes. Two other vulnerabilities are listed as having public exploit code, but no reports suggest active attacks against them.
The actively exploited vulnerability is a Windows LSA (Local Security Authority) spoofing flaw that could let unauthenticated attackers "coerce the domain controller to authenticate to the attacker using NTLM," according to Microsoft.
The LSA flaw, tracked as CVE-2022-26925, has a CVSS severity score of 8.3. However, “the combined CVSS score would be 9.8 when this vulnerability is chained with the noted NTLM Relay Attacks on Active Directory Certificate Services (AD CS),” Microsoft says.
This month’s Patch Tuesday rollout can help users fend off this attack by detecting anonymous LSARPC connection attempts and disallowing them. System and network administrators are also advised to review the KB5005413 documentation that can help them take further steps to protect networks against NTLM Relay Attacks.
One of the bugs listed with public exploit code is a vulnerability in Azure Synapse and Azure Data Factory pipelines tracked as CVE-2022-29972. Threat actors could leverage this flaw to "perform remote command execution across IR infrastructure not limited to a single tenant.”
The other publicly disclosed exploit code vulnerability is a Windows Hyper-V denial-of-service vulnerability tracked as CVE-2022-22713. However, researchers believe this bug is less likely to be exploited as it requires attackers to “win a race condition.”
To prevent attackers from exploiting these vulnerabilities and others, users should prioritize applying Microsoft’s monthly update rollout. The updates should be installed automatically on most systems, but you can also perform a manual Windows Update check and apply any recommended patches.
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022