Microsoft addresses 70 vulnerabilities in February 2022 Patch Tuesday

Microsoft addresses 70 vulnerabilities in their February 2022 Patch Tuesday release. While none of the vulnerabilities in this month’s Microsoft release cycle have been assigned as critical risk, several have been given a high-risk rating (CVSSv3.1 score of 7.0 – 8.9). As of this writing, none of this month’s list of vulnerabilities is known to be exploited in the wild.
  
Microsoft has fixed problems in their software including Remote Code Execution (RCE) vulnerabilities, a former zero-day vulnerability (CVE-2022-21989), privilege escalation security flaws, spoofing bugs, information disclosure, feature bypass, and Denial of Service (DoS) issues.   
  
The advisory covers Microsoft products such as Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Office, and Office Components, Windows Hyper-V Server, SQL Server, Visual Studio Code, and Microsoft Teams.    

The vulnerabilities are classified as:  

  • 3 Spoofing Vulnerabilities 
  • 5 Denial of Service Vulnerabilities 
  • 22 Edge – Chromium Vulnerabilities 
  • 16 Elevation of Privilege Vulnerabilities 
  • 5 Information Disclosure Vulnerabilities 
  • 3 Security Feature Bypass Vulnerabilities 
  • 16 Remote Code Execution Vulnerabilities 

Some of the important Microsoft vulnerabilities patched this month: 

  • CVE-2022-21989 (CVSS 7.8): Windows Kernel Elevation of Privilege Vulnerability 
  • CVE-2022-23256 (CVSS 8.1): Azure Data Explorer Spoofing Vulnerability 
  • CVE-2022-21984 (CVSS 8.8): Windows DNS Server Remote Code Execution Vulnerability 
  • CVE-2022-22003 (CVSS 7.8): Microsoft Office Graphics Remote Code Execution Vulnerability 
  • CVE-2022-22005 (CVSS 8.8): Microsoft SharePoint Server Remote Code Execution Vulnerability 
  • CVE-2022-23274 (CVSS 8.3): Microsoft Dynamics GP Remote Code Execution Vulnerability 

Visit the February 2022 Security Updates page to access the full description of each vulnerability and the systems that it affects.  
  
Customers can scan their network with QID 10400, 110401, 110402, 376382, 91857, 91858, 91859, 91860, 91861, 91863, 91866 to detect vulnerable assets.  
  
Please continue to follow Qualys Threat Protection for more coverage on the latest vulnerabilities.   
   
References: 
https://threatpost.com/microsoft-february-patch-tuesday-zero-day/178286/ 
https://www.zdnet.com/article/microsoft-february-2021-patch-tuesday-48-bugs-squashed-one-zero-day-resolved/ 
https://www.bleepingcomputer.com/news/microsoft/microsoft-february-2022-patch-tuesday-fixes-48-flaws-1-zero-day/ 

Leave a Reply

Your email address will not be published. Required fields are marked *