Microsoft Security Bulletin Coverage for May 2022

By

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of May 2022. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2022-22017 Remote Desktop Client Remote Code Execution Vulnerability
ASPY 323:Malformed-File exe.MP_253

CVE-2022-23270 Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
IPS 2715:Malformed PPTP Request 3

CVE-2022-23279 Windows ALPC Elevation of Privilege Vulnerability
ASPY 324:Malformed-File exe.MP_254

CVE-2022-26925 Windows LSA Spoofing Vulnerability
IPS 15756:Windows LSA Spoofing (CVE-2022-26925)

CVE-2022-26937 Windows Network File System Remote Code Execution Vulnerability
IPS 15585:Windows NFS Remote Code Execution (CVE-2022-26937)

CVE-2022-29104 Windows Print Spooler Elevation of Privilege Vulnerability
ASPY 326:Malformed-File exe.MP_256

CVE-2022-29142 Windows Kernel Elevation of Privilege Vulnerability
ASPY 325:Malformed-File exe.MP_255

The following vulnerabilities do not have exploits in the wild :
CVE-2022-21972 Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21978 Microsoft Exchange Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22011 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22012 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22013 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22014 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22015 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22016 Windows PlayToManager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22019 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22713 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-23267 .NET and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24466 Windows Hyper-V Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-26913 Windows Authentication Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-26923 Active Directory Domain Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26926 Windows Address Book Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26927 Windows Graphics Component Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26930 Windows Remote Access Connection Manager Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26931 Windows Kerberos Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26932 Storage Spaces Direct Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26933 Windows NTFS Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26934 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26935 Windows WLAN AutoConfig Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26936 Windows Server Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26938 Storage Spaces Direct Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26939 Storage Spaces Direct Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26940 Remote Desktop Protocol Client Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29102 Windows Failover Cluster Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29103 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29105 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29106 Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29107 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-29108 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29109 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29110 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29112 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29113 Windows Digital Media Receiver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29114 Windows Print Spooler Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29115 Windows Fax Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29116 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29117 .NET and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-29120 Windows Clustered Shared Volume Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29121 Windows WLAN AutoConfig Service Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-29122 Windows Clustered Shared Volume Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29123 Windows Clustered Shared Volume Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29125 Windows Push Notifications Apps Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29126 Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29127 BitLocker Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-29128 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29129 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29130 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29131 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29132 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29133 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29134 Windows Clustered Shared Volume Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29135 Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29137 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29138 Windows Clustered Shared Volume Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29139 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29140 Windows Print Spooler Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-29141 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29145 .NET and Visual Studio Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-29148 Visual Studio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-29150 Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29151 Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-29972 Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver
There are no known exploits in the wild.
CVE-2022-30129 Visual Studio Code Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-30130 .NET Framework Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-30138 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.