1 min read

Microsoft May Patch Tuesday Fixes Actively Exploited Vulnerability

Vlad CONSTANTINESCU
Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Microsoft May Patch Tuesday Fixes Actively Exploited Vulnerability

Microsoft’s Patch Tuesday this month addresses 74 security flaws, including seven high-risk vulnerabilities, 66 important ones, and one flagged as low severity.

Security experts noticed at least one of the patched flaws was under active attack using public exploit codes. Two other vulnerabilities are listed as having public exploit code, but no reports suggest active attacks against them.

The actively exploited vulnerability is a Windows LSA (Local Security Authority) spoofing flaw that could let unauthenticated attackers "coerce the domain controller to authenticate to the attacker using NTLM," according to Microsoft.

The LSA flaw, tracked as CVE-2022-26925, has a CVSS severity score of 8.3. However, “the combined CVSS score would be 9.8 when this vulnerability is chained with the noted NTLM Relay Attacks on Active Directory Certificate Services (AD CS),” Microsoft says.

This month’s Patch Tuesday rollout can help users fend off this attack by detecting anonymous LSARPC connection attempts and disallowing them. System and network administrators are also advised to review the KB5005413 documentation that can help them take further steps to protect networks against NTLM Relay Attacks.

One of the bugs listed with public exploit code is a vulnerability in Azure Synapse and Azure Data Factory pipelines tracked as CVE-2022-29972. Threat actors could leverage this flaw to "perform remote command execution across IR infrastructure not limited to a single tenant.”

The other publicly disclosed exploit code vulnerability is a Windows Hyper-V denial-of-service vulnerability tracked as CVE-2022-22713. However, researchers believe this bug is less likely to be exploited as it requires attackers to “win a race condition.”

To prevent attackers from exploiting these vulnerabilities and others, users should prioritize applying Microsoft’s monthly update rollout. The updates should be installed automatically on most systems, but you can also perform a manual Windows Update check and apply any recommended patches.

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

AMD held to ransom by gang that claims 450GB of data has been stolen AMD held to ransom by gang that claims 450GB of data has been stolen
Graham CLULEY

July 01, 2022

2 min read
South Korean Cybersecurity Agency Released Free Decryptor for Hive Ransomware Victims South Korean Cybersecurity Agency Released Free Decryptor for Hive Ransomware Victims
Vlad CONSTANTINESCU

July 01, 2022

1 min read
Ukrainian Phishers face 15 Years behind Bars after Defrauding Fellow Citizens with Fake Relief Claims Ukrainian Phishers face 15 Years behind Bars after Defrauding Fellow Citizens with Fake Relief Claims
Filip TRUȚĂ

June 30, 2022

1 min read