Windows will be a bit more secure with the May 2022 Patch Tuesday. The update brings fixes for 74 vulnerabilities, seven of them critical and one being actively exploited by hackers.
Microsoft has started rolling out its traditional Patch Tuesday monthly. This fixes a total of 74 security vulnerabilities, 7 of which are considered critical. All versions of Windows still followed by the Redmond firm are concerned.
An actively exploited vulnerability
One vulnerability in particular is cause for concern because it has been actively exploited, and continues to be. Cataloged under the number CVE-2022-26925, it has a severity score of 8.1, which places it in the category of so-called significant security vulnerabilities.
This zero-day flaw allows unauthenticated hackers to remotely force domain controllers to authenticate them through the Windows NT LAN Manager (NTLM) security protocol, which several Windows services use.
The vulnerability is approaching what we had already been able to experience in 2021 with the attacks Little Pothamalso an NTLM relay type.
A critical flaw with a score of 9.8/10
Let’s now move on to the CVE-2022-29972 security flaw, of a more critical level but which has not, a priori, been exploited. It falls under Amazon Redshift ODBC and JDBC drivers and Amazon Athena ODBC and JDBC drivers, causing improper validation of authentication tokens. Azure Synapse Pipelines and Azure Data Factory platforms exploit the Amazon Redshift ODBC driver, they were susceptible to this vulnerability.
Also watch out for CVE-2022-26937, a critical flaw that reaches a severity score of 9.8/10. This is a possibility left to execute malicious code remotely via the Network File System (NFS) of Windows. Microsoft believes there is a high probability that this vulnerability could have been exploited.
As always, we can only advise you to check if the update is available on your system in order to protect it from potential attacks. The easiest way to get it is through the Windows Update tool.
Source : MalwareBytes
10