• Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
What's Hot

The Nothing Headphone (1) is totally bizarre in the best kind of way

July 1, 2025

Apple Drops MLS Season Pass to Half-Price

July 1, 2025

Apple’s Next MacBook Might Have More in Common With Your iPhone Than You Think

July 1, 2025
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
  • Fintech
  • Startup
  • Games
  • Ar & Vr
  • Reviews
  • How To
  • More
    • Mobile Tech
    • Pc & Laptop
    • Security
Behind The ScreenBehind The Screen
Home»Tech News»July Patch Tuesday brings more than 80 fixes, one zero-day
Tech News

July Patch Tuesday brings more than 80 fixes, one zero-day

July 17, 2022No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
July Patch Tuesday brings more than 80 fixes, one zero-day
Share
Facebook Twitter LinkedIn Pinterest Email

Microsoft prospects with Home windows Enterprise E3 and E5 licences can now make the most of automated patching with Redmond’s Home windows Autopatch service – formally launched yesterday – however for everyone else, the newest Patch Tuesday replace brings greater than 80 fixes, together with one actively exploited zero-day to which consideration have to be paid.

Tracked as CVE-2022-22047, the zero-day is in Home windows Consumer Server Runtime Course of (CSRSS), a extremely vital a part of each Home windows working system that manages a number of essential processes.

Thankfully, profitable exploitation requires an attacker to have an present foothold on the goal’s techniques, so it carries a relatively low CVSS rating of simply 7.8. Nevertheless, Microsoft mentioned it’s underneath lively assault and if efficiently exploited, may permit the attacker to execute code with SYSTEM-level privileges.

Assessing the potential influence of CVE-2022-22047, Immersive Labs’ Kev Breen mentioned: “This sort of vulnerability is often seen after a goal has already been compromised. Crucially, it permits the attacker to escalate their permissions from that of a standard person to the identical permissions because the SYSTEM.

“With this stage of entry, the attackers are in a position to disable native companies corresponding to endpoint detection and safety instruments. With SYSTEM entry they will additionally deploy instruments like Mimikatz which can be utilized to recuperate much more admin and area stage accounts, spreading the menace shortly,” mentioned Breen.

Mike Walters, co-founder of Action1, a provider of cloud distant monitoring and administration companies, added: “Vulnerabilities of this kind are nice for taking management over a workstation or server when they’re paired with phishing assaults that use Workplace paperwork with macros. This vulnerability can probably be mixed with Follina to achieve full management over a Home windows endpoint.”

See also  UK government introduces data reforms legislation to Parliament

The worth of macros in efficiently crafting an assault that exploits CVE-2022-22047 will make it of further concern for a lot of, given Microsoft’s suspension of its new coverage to dam macros by default late final week, apparently solely quickly.

Elsewhere, Redmond’s July drop comprises fixes for 4 essential vulnerabilities, all of which allow distant code execution. These are, in numerical order, CVE-2022-22029 in Home windows Community File System; CVE-2022-22038 in Distant Process Name Runtime; CVE-2022-22039, additionally in Home windows Community File System; and at last, CVE-2022-30221 in Home windows Graphics Element.

Of those 4 vulnerabilities, the primary three can be comparatively difficult for attackers to use as a result of they require a considerable amount of sustained information to be transmitted, whereas the fourth requires an attacker to run a malicious distant desktop (RDP) server, and persuade a person to connect with it. “This isn’t as far-fetched because it first sounds,” mentioned Breen. “As RDP shortcut recordsdata could possibly be emailed to focus on victims, and these file sorts could not flag as malicious by electronic mail scanners and filters.”

Trying past essentially the most impactful vulnerabilities, the July drop can be notable for a excessive variety of fixes that tackle a whopping 33 elevation of privilege vulnerabilities within the Azure Website Restoration service.

None of those vulnerabilities are being actively exploited, however in line with Chris Goettl of Ivanti, they’re extremely problematic. “The priority is within the variety of vulnerabilities resolved,” he mentioned. “They had been recognized by a number of unbiased researchers and nameless events, which implies the information of the way to exploit these vulnerabilities is a little more broadly distributed.

See also  The best deals on true wireless earbuds September 2022

“The decision can be not easy. It requires signing into every course of server as an administrator, downloading and putting in the newest model. Vulnerabilities like this are sometimes simple to lose monitor of as they aren’t managed by the everyday patch administration course of.”

Goettl additionally known as out 4 print-spooler vulnerabilities – once more none beforehand disclosed or exploited, however nonetheless dangerous by way of the disruption they might probably trigger to organisations. “Since PrintNightmare, there have been many Print Spooler fixes, and in additional than a type of Patch Tuesday occasions the adjustments have resulted in operational impacts,” he mentioned.

“This makes directors slightly gun-shy and warrants some further testing to make sure no unfavorable points happen of their organisation,” mentioned Goettl. “The larger threat is that if this blocks an organisation from pushing the July OS replace it may forestall resolving essential vulnerabilities and the zero-day vulnerability CVE-2022-22047, which can be included within the cumulative OS replace.”

Source link

brings fixes July Patch Tuesday ZeroDay
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Apple Brings a Whole New Multitasking Game to iPadOS 26

June 10, 2025

Five New Games Launch on Apple Arcade, Four More on the Way on July 3

June 6, 2025

iOS 18.5 Brings First Security Update for Apple’s C1 Modem

May 14, 2025

iOS 18 Brings Pair of New Features for Recording Video in Camera App – iDrop News

September 12, 2024
Add A Comment

Comments are closed.

Editors Picks

Fitbit Sense review

August 6, 2022

Apple Mail vs. Yahoo Mail vs. AOL Mail: Which App is Better?

November 25, 2023

Apple Watch Ban Now In Full Effect as Biden Administration Upholds ITC Ruling

December 27, 2023

Twisted Metal season one has finished filming

August 28, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

The Nothing Headphone (1) is totally bizarre in the best kind of way

Apple Drops MLS Season Pass to Half-Price

Apple’s Next MacBook Might Have More in Common With Your iPhone Than You Think

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.fr - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.