Microsoft Security Bulletin Coverage for April 2022

The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of April 2022. The issues reported, along with SonicWall coverage information, are listed below:

CVE-2022-24474 Windows Win32k Elevation of Privilege Vulnerability
ASPY 315: Malformed-File exe.MP_249

CVE-2022-24481 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 316: Malformed-File exe.MP_250

CVE-2022-24491 Windows Network File System Remote Code Execution Vulnerability
IPS 81080: Malformed RPC Portmapper Request 2

CVE-2022-24497 Windows Network File System Remote Code Execution Vulnerability
IPS 81090: Malformed RPC Portmapper Request 3

CVE-2022-24521 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 310: Malformed-File exe.MP_244

CVE-2022-24542 Windows Win32k Elevation of Privilege Vulnerability
ASPY 317: Malformed-File exe.MP_251

CVE-2022-24546 Windows DWM Core Library Elevation of Privilege Vulnerability
ASPY 313: Malformed-File exe.MP_247

CVE-2022-24547 Windows Digital Media Receiver Elevation of Privilege Vulnerability
ASPY 312: Malformed-File exe.MP_246

CVE-2022-26809 Remote Procedure Call Runtime Remote Code Execution Vulnerability
IPS 15757: RPC Microsoft RPC Runtime Remote Code Execution (CVE-2022-26809)

CVE-2022-26904 Windows User Profile Service Elevation of Privilege Vulnerability
ASPY 314: Malformed-File exe.MP_248

CVE-2022-26914 Win32k Elevation of Privilege Vulnerability
ASPY 311: Malformed-File exe.MP_245

Adobe Coverage:

CVE-2022-28244 Acrobat Reader Arbitrary code execution
ASPY 318: Malformed-File pdf.MP_523

CVE-2022-27799 Acrobat Reader Arbitrary code execution
ASPY 319: Malformed-File pdf.MP_524

CVE-2022-24102 Acrobat Reader Arbitrary code execution
ASPY 320: Malformed-File pdf.MP_525

The following vulnerabilities do not have exploits in the wild:
CVE-2022-21983 Win32 Stream Enumeration Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22008 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22009 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23257 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23259 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23268 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-23292 Microsoft Power BI Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24472 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24473 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24475 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24479 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24482 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24483 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24484 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24485 Win32 File Enumeration Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24486 Windows Kerberos Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24487 Windows Local Security Authority (LSA) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24488 Windows Desktop Bridge Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24489 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24490 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24492 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24493 Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24494 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24495 Windows Direct Show – Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24496 Local Security Authority (LSA) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24498 Windows iSCSI Target Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24499 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24500 Windows SMB Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24513 Visual Studio Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24523 Microsoft Edge (Chromium-based) Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-24527 Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24528 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24530 Windows Installer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24532 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24533 Remote Desktop Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24534 Win32 Stream Enumeration Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24536 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24537 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24538 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24539 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-24540 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24541 Windows Server Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24543 Windows Upgrade Assistant Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24544 Windows Kerberos Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24545 Windows Kerberos Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24548 Microsoft Defender Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-24549 Windows AppX Package Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24550 Windows Telephony Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-24765 GitHub: Uncontrolled search for the Git directory in Git for Windows
There are no known exploits in the wild.
CVE-2022-24767 GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account
There are no known exploits in the wild.
CVE-2022-26783 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26784 Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26785 Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26786 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26787 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26788 PowerShell Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26789 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26790 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26791 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26792 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26793 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26794 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26795 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26796 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26797 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26798 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26801 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26802 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26803 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26807 Windows Work Folder Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26808 Windows File Explorer Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26810 Windows File Server Resource Management Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26811 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26812 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26813 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26814 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26815 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26816 Windows DNS Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26817 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26818 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26819 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26820 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26821 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26822 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26823 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26824 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26825 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26826 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26827 Windows File Server Resource Management Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26828 Windows Bluetooth Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26829 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26830 DiskUsage.exe Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26831 Windows LDAP Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26832 .NET Framework Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26891 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26894 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26895 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26896 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26897 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26898 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26900 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26901 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26903 Windows Graphics Component Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26907 Azure SDK for .NET Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26908 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26909 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26910 Skype for Business and Lync Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-26911 Skype for Business Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26912 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26915 Windows Secure Channel Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-26916 Windows Fax Compose Form Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26917 Windows Fax Compose Form Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26918 Windows Fax Compose Form Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26919 Windows LDAP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-26920 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-26921 Visual Studio Code Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-26924 YARP Denial of Service Vulnerability
There are no known exploits in the wild.