Haberler

Microsoft Mayıs 2022 Patch Tuesday: 3 Zero-Day, 75 Zafiyet Kapatıldı

Microsoft bu ay yayınladığı Patch Tuesday yamaları ile 3 sıfırıncı gün güvenlik açığı ve toplam 75 zafiyeti kapattı. Bugünkü güncellemede düzeltilen 75 güvenlik açığından sekizi, uzaktan kod yürütülmesine veya ayrıcalıkların yükseltilmesine izin verdikleri için ‘Kritik’ olarak sınıflandırılıyor.

Kapatılan zafiyetler aşağıdaki gibidir

  • 21 Elevation of Privilege Vulnerabilities
  • 4 Security Feature Bypass Vulnerabilities
  • 26 Remote Code Execution Vulnerabilities
  • 17 Information Disclosure Vulnerabilities
  • 6 Denial of Service Vulnerabilities
  • 1 Spoofing Vulnerability
  • 0 Edge – Chromium Vulnerabilities

Üç sıfır gün düzeltildi, ikisi aktif olarak kullanıldı

Bu ayın Salı Yaması, biri aktif olarak yararlanılan ve diğerleri kamuya açıklanan üç sıfır gün güvenlik açığı için düzeltmeler içeriyor. Bugün düzeltilen, aktif olarak yararlanılan sıfır gün güvenlik açığı, ‘ CVE-2022-26925 – Windows LSA Spoofing Vulnerability’ olarak izlenen bir LSARPC hatası kullanan yeni bir NTLM Relay Attack. Microsoft, bugün yayınlanan bir danışma belgesinde “Kimliği doğrulanmamış bir saldırgan LSARPC arabiriminde bir yöntem çağırabilir ve etki alanı denetleyicisini NTLM kullanarak saldırganın kimliğini doğrulamaya zorlayabilir. Bu güvenlik güncelleştirmesi LSARPC’deki anonim bağlantı girişimlerini algılar ve buna izin vermez.” denildi. Microsoft, yöneticilerin  bu tür saldırıların nasıl azaltılacağına ilişkin bilgiler için PetitPotam NTLM Relay danışma belgesini okumasını öneriyor.

Diğer ikisi ise:

  • CVE-2022-22713 – Windows Hyper-V Denial of Service Vulnerability
  • CVE-2022-29972 – Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver

Microsoft güncellemelerin vakit kaybetmeden yüklenmesi konusunda uyarıyor.

Mayıs 2022 Yaması Salı Güvenlik Güncellemeleri

TagCVE IDCVE TitleSeverity
.NET and Visual StudioCVE-2022-29117.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2022-23267.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2022-29145.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET FrameworkCVE-2022-30130.NET Framework Denial of Service VulnerabilityLow
Azure SHIRADV220001Upcoming improvements to Azure Data Factory and Azure Synapse Pipeline infrastructure in response to CVE-2022-29972Critical
Microsoft Exchange ServerCVE-2022-21978Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-26934Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-22011Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-29112Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-26927Windows Graphics Component Remote Code Execution VulnerabilityImportant
Microsoft Local Security Authority Server (lsasrv)CVE-2022-26925Windows LSA Spoofing VulnerabilityImportant
Microsoft OfficeCVE-2022-29107Microsoft Office Security Feature Bypass VulnerabilityImportant
Microsoft Office ExcelCVE-2022-29109Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2022-29110Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2022-29108Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Windows ALPCCVE-2022-23279Windows ALPC Elevation of Privilege VulnerabilityImportant
Remote Desktop ClientCVE-2022-26940Remote Desktop Protocol Client Information Disclosure VulnerabilityImportant
Remote Desktop ClientCVE-2022-22017Remote Desktop Client Remote Code Execution VulnerabilityCritical
Role: Windows Fax ServiceCVE-2022-29115Windows Fax Service Remote Code Execution VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-22713Windows Hyper-V Denial of Service VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-24466Windows Hyper-V Security Feature Bypass VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-29106Windows Hyper-V Shared Virtual Disk Elevation of Privilege VulnerabilityImportant
Self-hosted Integration RuntimeCVE-2022-29972Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC DriverCritical
Tablet Windows User InterfaceCVE-2022-29126Tablet Windows User Interface Application Core Elevation of Privilege VulnerabilityImportant
Visual StudioCVE-2022-29148Visual Studio Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2022-30129Visual Studio Code Remote Code Execution VulnerabilityImportant
Windows Active DirectoryCVE-2022-26923Active Directory Domain Services Elevation of Privilege VulnerabilityCritical
Windows Address BookCVE-2022-26926Windows Address Book Remote Code Execution VulnerabilityImportant
Windows Authentication MethodsCVE-2022-26913Windows Authentication Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2022-29127BitLocker Security Feature Bypass VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29122Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29135Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29138Windows Clustered Shared Volume Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29134Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29120Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29151Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29123Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29150Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Failover Cluster Automation ServerCVE-2022-29102Windows Failover Cluster Information Disclosure VulnerabilityImportant
Windows KerberosCVE-2022-26931Windows Kerberos Elevation of Privilege VulnerabilityCritical
Windows KernelCVE-2022-29142Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2022-29116Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2022-29133Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29141Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22014Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29137Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29139Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22013Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22012Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29128Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29129Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29130Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29131Windows LDAP Remote Code Execution VulnerabilityImportant
Windows MediaCVE-2022-29105Microsoft Windows Media Foundation Remote Code Execution VulnerabilityImportant
Windows MediaCVE-2022-29113Windows Digital Media Receiver Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2022-22016Windows PlayToManager Elevation of Privilege VulnerabilityImportant
Windows Network File SystemCVE-2022-26937Windows Network File System Remote Code Execution VulnerabilityCritical
Windows NTFSCVE-2022-26933Windows NTFS Information Disclosure VulnerabilityImportant
Windows Point-to-Point Tunneling ProtocolCVE-2022-23270Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Point-to-Point Tunneling ProtocolCVE-2022-21972Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Print Spooler ComponentsCVE-2022-29104Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29132Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29140Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29114Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Push NotificationsCVE-2022-29125Windows Push Notifications Apps Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2022-29103Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2022-26930Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
Windows Remote DesktopCVE-2022-22015Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2022-22019Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Server ServiceCVE-2022-26936Windows Server Service Information Disclosure VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26932Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26939Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26938Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2022-29121Windows WLAN AutoConfig Service Denial of Service VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2022-26935Windows WLAN AutoConfig Service Information Disclosure VulnerabilityImportant

Kaynak: bleepingcomputer.com

İlgili Makaleler

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

Başa dön tuşu