Microsoft Mayıs 2022 Patch Tuesday: 3 Zero-Day, 75 Zafiyet Kapatıldı
Microsoft bu ay yayınladığı Patch Tuesday yamaları ile 3 sıfırıncı gün güvenlik açığı ve toplam 75 zafiyeti kapattı. Bugünkü güncellemede düzeltilen 75 güvenlik açığından sekizi, uzaktan kod yürütülmesine veya ayrıcalıkların yükseltilmesine izin verdikleri için ‘Kritik’ olarak sınıflandırılıyor.
Kapatılan zafiyetler aşağıdaki gibidir
- 21 Elevation of Privilege Vulnerabilities
- 4 Security Feature Bypass Vulnerabilities
- 26 Remote Code Execution Vulnerabilities
- 17 Information Disclosure Vulnerabilities
- 6 Denial of Service Vulnerabilities
- 1 Spoofing Vulnerability
- 0 Edge – Chromium Vulnerabilities
Üç sıfır gün düzeltildi, ikisi aktif olarak kullanıldı
Bu ayın Salı Yaması, biri aktif olarak yararlanılan ve diğerleri kamuya açıklanan üç sıfır gün güvenlik açığı için düzeltmeler içeriyor. Bugün düzeltilen, aktif olarak yararlanılan sıfır gün güvenlik açığı, ‘ CVE-2022-26925 – Windows LSA Spoofing Vulnerability’ olarak izlenen bir LSARPC hatası kullanan yeni bir NTLM Relay Attack. Microsoft, bugün yayınlanan bir danışma belgesinde “Kimliği doğrulanmamış bir saldırgan LSARPC arabiriminde bir yöntem çağırabilir ve etki alanı denetleyicisini NTLM kullanarak saldırganın kimliğini doğrulamaya zorlayabilir. Bu güvenlik güncelleştirmesi LSARPC’deki anonim bağlantı girişimlerini algılar ve buna izin vermez.” denildi. Microsoft, yöneticilerin bu tür saldırıların nasıl azaltılacağına ilişkin bilgiler için PetitPotam NTLM Relay danışma belgesini okumasını öneriyor.
Diğer ikisi ise:
- CVE-2022-22713 – Windows Hyper-V Denial of Service Vulnerability
- CVE-2022-29972 – Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver
Microsoft güncellemelerin vakit kaybetmeden yüklenmesi konusunda uyarıyor.
Mayıs 2022 Yaması Salı Güvenlik Güncellemeleri
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
.NET and Visual Studio | CVE-2022-29117 | .NET and Visual Studio Denial of Service Vulnerability | Important |
.NET and Visual Studio | CVE-2022-23267 | .NET and Visual Studio Denial of Service Vulnerability | Important |
.NET and Visual Studio | CVE-2022-29145 | .NET and Visual Studio Denial of Service Vulnerability | Important |
.NET Framework | CVE-2022-30130 | .NET Framework Denial of Service Vulnerability | Low |
Azure SHIR | ADV220001 | Upcoming improvements to Azure Data Factory and Azure Synapse Pipeline infrastructure in response to CVE-2022-29972 | Critical |
Microsoft Exchange Server | CVE-2022-21978 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-26934 | Windows Graphics Component Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-22011 | Windows Graphics Component Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-29112 | Windows Graphics Component Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-26927 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
Microsoft Local Security Authority Server (lsasrv) | CVE-2022-26925 | Windows LSA Spoofing Vulnerability | Important |
Microsoft Office | CVE-2022-29107 | Microsoft Office Security Feature Bypass Vulnerability | Important |
Microsoft Office Excel | CVE-2022-29109 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2022-29110 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2022-29108 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
Microsoft Windows ALPC | CVE-2022-23279 | Windows ALPC Elevation of Privilege Vulnerability | Important |
Remote Desktop Client | CVE-2022-26940 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important |
Remote Desktop Client | CVE-2022-22017 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
Role: Windows Fax Service | CVE-2022-29115 | Windows Fax Service Remote Code Execution Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-22713 | Windows Hyper-V Denial of Service Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-24466 | Windows Hyper-V Security Feature Bypass Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-29106 | Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | Important |
Self-hosted Integration Runtime | CVE-2022-29972 | Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver | Critical |
Tablet Windows User Interface | CVE-2022-29126 | Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability | Important |
Visual Studio | CVE-2022-29148 | Visual Studio Remote Code Execution Vulnerability | Important |
Visual Studio Code | CVE-2022-30129 | Visual Studio Code Remote Code Execution Vulnerability | Important |
Windows Active Directory | CVE-2022-26923 | Active Directory Domain Services Elevation of Privilege Vulnerability | Critical |
Windows Address Book | CVE-2022-26926 | Windows Address Book Remote Code Execution Vulnerability | Important |
Windows Authentication Methods | CVE-2022-26913 | Windows Authentication Security Feature Bypass Vulnerability | Important |
Windows BitLocker | CVE-2022-29127 | BitLocker Security Feature Bypass Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29122 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29135 | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29138 | Windows Clustered Shared Volume Elevation of Privilege Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29134 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29120 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29151 | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29123 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-29150 | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | Important |
Windows Failover Cluster Automation Server | CVE-2022-29102 | Windows Failover Cluster Information Disclosure Vulnerability | Important |
Windows Kerberos | CVE-2022-26931 | Windows Kerberos Elevation of Privilege Vulnerability | Critical |
Windows Kernel | CVE-2022-29142 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-29116 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2022-29133 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29141 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-22014 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29137 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29139 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-22013 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-22012 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29128 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29129 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29130 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29131 | Windows LDAP Remote Code Execution Vulnerability | Important |
Windows Media | CVE-2022-29105 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important |
Windows Media | CVE-2022-29113 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
Windows Media | CVE-2022-22016 | Windows PlayToManager Elevation of Privilege Vulnerability | Important |
Windows Network File System | CVE-2022-26937 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows NTFS | CVE-2022-26933 | Windows NTFS Information Disclosure Vulnerability | Important |
Windows Point-to-Point Tunneling Protocol | CVE-2022-23270 | Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
Windows Point-to-Point Tunneling Protocol | CVE-2022-21972 | Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
Windows Print Spooler Components | CVE-2022-29104 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-29132 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-29140 | Windows Print Spooler Information Disclosure Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-29114 | Windows Print Spooler Information Disclosure Vulnerability | Important |
Windows Push Notifications | CVE-2022-29125 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | Important |
Windows Remote Access Connection Manager | CVE-2022-29103 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
Windows Remote Access Connection Manager | CVE-2022-26930 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
Windows Remote Desktop | CVE-2022-22015 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important |
Windows Remote Procedure Call Runtime | CVE-2022-22019 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
Windows Server Service | CVE-2022-26936 | Windows Server Service Information Disclosure Vulnerability | Important |
Windows Storage Spaces Controller | CVE-2022-26932 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Storage Spaces Controller | CVE-2022-26939 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Storage Spaces Controller | CVE-2022-26938 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows WLAN Auto Config Service | CVE-2022-29121 | Windows WLAN AutoConfig Service Denial of Service Vulnerability | Important |
Windows WLAN Auto Config Service | CVE-2022-26935 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Important |
Kaynak: bleepingcomputer.com