
February Patch Tuesday 2022 Fixes 51 Vulnerabilities

February 8, 2022 · June 24th, 2022

The second Patch Tuesday of 2022 has arrived — tackle the latest Microsoft updates and vulnerabilities for the month of February.

Microsoft Releases 51 fixes this month including 1 Public Aware threat

There are 50 Important fixes in this release and 1 Moderate. The updates cover Microsoft Windows and Windows Components, Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Office and Office Components, Windows Hyper-V Server, SQL Server, Visual Studio Code, and Microsoft Teams.

Year 3 Extended Support – Windows 7 and Windows Server 2008 (including R2) have received some updates this month.

Robert Brown, Head of Customer Success for Syxsense said, “This is the first year we have a Microsoft release which has not consisted of a Critical severity vulnerability rated by the Vendor. This is the reason it is essential to compare different severity systems instead of relying on a single source of truth, in this case the vendor rated severity. There are still extremely important vulnerabilities to remediate this month, the lack of Critical vulnerabilities does not allow you to relax just yet.”

 

Top February 2022 Patches and Vulnerabilities

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below. As usual, we recommend that our customers enter the CVE numbers below into their patch management solution and deploy as soon as possible.

1. CVE-2022-21989: Windows Kernel Elevation of Privilege Vulnerability

The Windows Kernel does not properly enforce security restrictions, which allows those restrictions to be bypassed and leads to privilege escalation.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.8
  • Weaponised: No
  • Public Aware: Yes
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Local
  • Attack Complexity: High
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): Yes

2. CVE-2022-21984: Windows DNS Server Remote Code Execution Vulnerability

This patch fixes a remote code execution bug in the Microsoft DNS server.  An attacker could completely take over your DNS and execute code with elevated privileges.

Syxscore

  • Vendor Severity: Important
  • CVSS: 8.8
  • Weaponised: No
  • Public Aware: No
  • Countermeasure: Yes – The server is only affected if dynamic updates are enabled, but this is a relatively common configuration. 

Syxscore Risk

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges: Low
  • User Interaction: None
  • Scope (Jump Point): No
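
To see where the dynamic-update condition in the countermeasure note applies, the following PowerShell inventory lists the zones on each DNS server whose DynamicUpdate setting is anything other than None. It is an added example, not code from Syxsense or Microsoft; it assumes the DnsServer module is available, and the server list parameter is a hypothetical name you fill in yourself.

```powershell
# Added example, not vendor code. Requires the DnsServer module
# (installed with the DNS Server role or the RSAT DNS tools).
param(
    # Hypothetical default: the local machine. Pass your own DNS server names.
    [string[]]$DnsServers = @($env:COMPUTERNAME)
)

Import-Module DnsServer -ErrorAction Stop

$report = foreach ($server in $DnsServers) {
    try {
        $zones = Get-DnsServerZone -ComputerName $server -ErrorAction Stop
    }
    catch {
        Write-Warning "Could not query ${server}: $($_.Exception.Message)"
        continue
    }

    foreach ($zone in $zones) {
        # Skip the built-in auto-created zones (0.in-addr.arpa and similar).
        if ($zone.IsAutoCreated) { continue }

        [pscustomobject]@{
            Server         = $server
            Zone           = $zone.ZoneName
            ZoneType       = $zone.ZoneType
            DynamicUpdate  = $zone.DynamicUpdate   # None, Secure or NonsecureAndSecure
            AcceptsUpdates = "$($zone.DynamicUpdate)" -ne 'None'
        }
    }
}

# Zones that accept dynamic updates, i.e. where the condition in the
# countermeasure note applies.
$exposed = @($report | Where-Object AcceptsUpdates)
$exposed | Sort-Object Server, Zone

$servers = @($exposed | Select-Object -ExpandProperty Server -Unique)
Write-Host ("{0} of {1} server(s) host at least one zone with dynamic updates enabled." -f $servers.Count, $DnsServers.Count)
```

Servers that appear in the output meet the condition described for CVE-2022-21984 and belong at the front of the deployment queue for this update.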

3. CVE-2022-21995: Windows Hyper-V Remote Code Execution Vulnerability

This patch fixes a guest-to-host escape in Hyper-V server and successful exploitation of this vulnerability may result in complete compromise of the system.

Syxscore

  • Vendor Severity: Important
  • CVSS: 7.9
  • Weaponised: No
  • Public Aware: No
  • Countermeasure: No

Syxscore Risk

  • Attack Vector: Adjacent
  • Attack Complexity: High
  • Privileges: None
  • User Interaction: Required
  • Scope (Jump Point): Yes
  • Scope (Jump Point): No

Syxsense Recommendations

Based on the Vendor Severity and CVSS Score, we have made a few recommendations below which you should prioritize this month. Please pay close attention to any of these which are Publicly Aware and / or Weaponized.

| CVE | Title | Vendor Severity | CVSS Score | Countermeasure | Publicly Aware | Weaponised | Highly Recommended |
|---|---|---|---|---|---|---|---|
| CVE-2022-21989 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | | Yes | No | Yes |
| CVE-2022-21984 | Windows DNS Server Remote Code Execution Vulnerability | Important | 8.8 | Yes | No | No | Yes |
| CVE-2022-22005 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | 8.8 | | No | No | Yes |
| CVE-2022-23274 | Microsoft Dynamics GP Remote Code Execution Vulnerability | Important | 8.3 | | No | No | Yes |
| CVE-2022-23256 | Azure Data Explorer Spoofing Vulnerability | Important | 8.1 | | No | No | Yes |
| CVE-2022-23272 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | Important | 8.1 | | No | No | Yes |
| CVE-2022-21991 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | Important | 8.1 | | No | No | Yes |
| CVE-2022-21987 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 8 | | No | No | Yes |
| CVE-2022-21995 | Windows Hyper-V Remote Code Execution Vulnerability | Important | 7.9 | | No | No | Yes |
| CVE-2022-21844 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21926 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21927 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22004 | Microsoft Office ClickToRun Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22003 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21988 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22715 | Named Pipe File System Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21974 | Roaming Security Rights Management Services Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-23276 | SQL Server for Linux Containers Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22709 | VP9 Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21996 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21981 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22000 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21994 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21992 | Windows Mobile Device Management Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21999 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22718 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-22001 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-21971 | Windows Runtime Remote Code Execution Vulnerability | Important | 7.8 | | No | No | Yes |
| CVE-2022-23263 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 7.7 | | No | No | Yes |
| CVE-2022-21986 | .NET Denial of Service Vulnerability | Important | 7.5 | | No | No | |
| CVE-2022-21965 | Microsoft Teams Denial of Service Vulnerability | Important | 7.5 | | No | No | |
| CVE-2022-21993 | Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability | Important | 7.5 | | No | No | |
| CVE-2022-21957 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Important | 7.2 | | No | No | |
| CVE-2022-23273 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | Important | 7.1 | | No | No | |
| CVE-2022-21997 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.1 | | No | No | |
| CVE-2022-22717 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7 | | No | No | |
| CVE-2022-23269 | Microsoft Dynamics GP Spoofing Vulnerability | Important | 6.9 | | No | No | |
| CVE-2022-23271 | Microsoft Dynamics GP Elevation Of Privilege Vulnerability | Important | 6.5 | | No | No | |
| CVE-2022-23262 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 6.3 | | No | No | |
| CVE-2022-23255 | Microsoft OneDrive for Android Security Feature Bypass Vulnerability | Important | 5.9 | | No | No | |
| CVE-2022-22712 | Windows Hyper-V Denial of Service Vulnerability | Important | 5.6 | | No | No | |
| CVE-2022-22716 | Microsoft Excel Information Disclosure Vulnerability | Important | 5.5 | | No | No | |
| CVE-2022-23252 | Microsoft Office Information Disclosure Vulnerability | Important | 5.5 | | No | No | |
| CVE-2022-22710 | Windows Common Log File System Driver Denial of Service Vulnerability | Important | 5.5 | | No | No | |
| CVE-2022-21998 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | 5.5 | | No | No | |
| CVE-2022-21985 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important | 5.5 | | No | No | |
| CVE-2022-22002 | Windows User Account Profile Picture Denial of Service Vulnerability | Important | 5.5 | | No | No | |
| CVE-2022-23280 | Microsoft Outlook for Mac Security Feature Bypass Vulnerability | Important | 5.3 | | No | No | |
| CVE-2022-23261 | Microsoft Edge (Chromium-based) Tampering Vulnerability | Moderate | 5.3 | | No | No | |
| CVE-2022-23254 | Microsoft Power BI Elevation of Privilege Vulnerability | Important | 4.9 | | No | No | |
| CVE-2022-21968 | Microsoft SharePoint Server Security Feature Bypass Vulnerability | Important | 4.3 | | No | No | |
