Microsoft Security Bulletin Coverage for April 2022

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of April 2022. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2022-24474 Windows Win32k Elevation of Privilege Vulnerability
ASPY 315: Malformed-File exe.MP_249

CVE-2022-24481 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 316: Malformed-File exe.MP_250

CVE-2022-24491 Windows Network File System Remote Code Execution Vulnerability
IPS 81080: Malformed RPC Portmapper Request 2

CVE-2022-24497 Windows Network File System Remote Code Execution Vulnerability
IPS 81090: Malformed RPC Portmapper Request 3

CVE-2022-24521 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 310: Malformed-File exe.MP_244

CVE-2022-24542 Windows Win32k Elevation of Privilege Vulnerability
ASPY 317: Malformed-File exe.MP_251

CVE-2022-24546 Windows DWM Core Library Elevation of Privilege Vulnerability
ASPY 313: Malformed-File exe.MP_247

CVE-2022-24547 Windows Digital Media Receiver Elevation of Privilege Vulnerability
ASPY 312: Malformed-File exe.MP_246

CVE-2022-26809 Remote Procedure Call Runtime Remote Code Execution Vulnerability
IPS 15757: RPC Microsoft RPC Runtime Remote Code Execution (CVE-2022-26809)

CVE-2022-26904 Windows User Profile Service Elevation of Privilege Vulnerability
ASPY 314: Malformed-File exe.MP_248

CVE-2022-26914 Win32k Elevation of Privilege Vulnerability
ASPY 311: Malformed-File exe.MP_245

Adobe Coverage:

CVE-2022-28244 Acrobat Reader Arbitrary code execution
ASPY 318: Malformed-File pdf.MP_523

CVE-2022-27799 Acrobat Reader Arbitrary code execution
ASPY 319: Malformed-File pdf.MP_524

CVE-2022-24102 Acrobat Reader Arbitrary code execution
ASPY 320: Malformed-File pdf.MP_525

The following vulnerabilities do not have exploits in the wild:
CVE-2022-21983 Win32 Stream Enumeration Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22008 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22009 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23257 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23259 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23268 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-23292 Microsoft Power BI Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24472 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24473 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24475 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24479 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24482 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24483 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24484 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24485 Win32 File Enumeration Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24486 Windows Kerberos Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24487 Windows Local Security Authority (LSA) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24488 Windows Desktop Bridge Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24489 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24490 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24492 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24493 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24494 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24495 Windows Direct Show – Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24496 Local Security Authority (LSA) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24498 Windows iSCSI Target Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24499 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24500 Windows SMB Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24513 Visual Studio Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24523 Microsoft Edge (Chromium-based) Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24527 Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24528 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24530 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24532 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24533 Remote Desktop Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24534 Win32 Stream Enumeration Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24536 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24537 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24538 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24539 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24540 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24541 Windows Server Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24543 Windows Upgrade Assistant Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24544 Windows Kerberos Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24545 Windows Kerberos Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24549 Windows AppX Package Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24550 Windows Telephony Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24765 GitHub: Uncontrolled search for the Git directory in Git for Windows
There are no known exploits in the wild.
CVE-2022-24767 GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account
There are no known exploits in the wild.
CVE-2022-26783 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26784 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26785 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26786 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26787 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26788 PowerShell Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26789 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26790 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26791 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26792 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26793 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26794 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26795 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26796 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26797 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26798 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26801 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26802 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26803 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26807 Windows Work Folder Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26808 Windows File Explorer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26810 Windows File Server Resource Management Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26811 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26812 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26813 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26814 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26815 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26816 Windows DNS Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26817 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26818 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26819 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26820 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26821 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26822 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26823 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26824 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26825 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26826 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26827 Windows File Server Resource Management Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26828 Windows Bluetooth Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26829 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26830 DiskUsage.exe Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26831 Windows LDAP Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26832 .NET Framework Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26891 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26894 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26895 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26896 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26897 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26898 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26900 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26901 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26903 Windows Graphics Component Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26907 Azure SDK for .NET Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26908 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26909 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26910 Skype for Business and Lync Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-26911 Skype for Business Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26912 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26915 Windows Secure Channel Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26916 Windows Fax Compose Form Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26917 Windows Fax Compose Form Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26918 Windows Fax Compose Form Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26919 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26920 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26921 Visual Studio Code Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26924 YARP Denial of Service Vulnerability
There are no known exploits in the wild.
