Microsoft Security Bulletin Coverage for March 2022

By

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of March 2022. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2022-21990 Remote Desktop Client Remote Code Execution Vulnerability
ASPY 300:Malformed-File exe.MP_239

CVE-2022-23253 Point-to-Point Tunneling Protocol Denial of Service Vulnerability
IPS 2558:Malformed PPTP Request 2

CVE-2022-23285 Remote Desktop Client Remote Code Execution Vulnerability
ASPY 301:Malformed-File exe.MP_240

CVE-2022-23286 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
ASPY 302:Malformed-File exe.MP_241

CVE-2022-23299 Windows PDEV Elevation of Privilege Vulnerability
ASPY 303:Malformed-File exe.MP_242

CVE-2022-24502 Windows HTML Platforms Security Feature Bypass Vulnerability
IPS 15754:Internet Explorer Security Feature Bypass (CVE-2022-24502)

CVE-2022-24507 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
ASPY 304:Malformed-File exe.MP_243

The following vulnerabilities do not have exploits in the wild :
CVE-2020-8927 Brotli Library Buffer Overflow Vulnerability
There are no known exploits in the wild.
CVE-2022-21967 Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-21973 Windows Media Center Update Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-21975 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-21977 Media Foundation Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22006 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22007 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22010 Media Foundation Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-23265 Microsoft Defender for IoT Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23266 Microsoft Defender for IoT Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23277 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23278 Microsoft Defender for Endpoint Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-23281 Windows Common Log File System Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-23282 Paint 3D Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23283 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23284 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23287 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23288 Windows DWM Core Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23290 Windows Inking COM Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23291 Windows DWM Core Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23293 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23294 Windows Event Tracing Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23295 Raw Image Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23296 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23297 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-23298 Windows NT OS Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23300 Raw Image Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23301 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24451 VP9 Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24452 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24453 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24454 Windows Security Support Provider Interface Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24455 Windows CD-ROM Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24456 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24459 Windows Fax and Scan Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24460 Tablet Windows User Interface Application Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24462 Microsoft Word Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-24463 Microsoft Exchange Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24464 .NET and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24465 Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-24467 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24468 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24469 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24470 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24471 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24501 VP9 Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24503 Remote Desktop Protocol Client Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24505 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24506 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24508 Windows SMBv3 Client Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24509 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24510 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24511 Microsoft Office Word Tampering Vulnerability
There are no known exploits in the wild.
CVE-2022-24512 .NET and Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24515 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24517 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24518 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24519 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24520 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24522 Skype Extension for Chrome Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24525 Windows Update Stack Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24526 Visual Studio Code Spoofing Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.