Microsoft’s April patch Tuesday has around 119 security fixes across all Microsoft software. The patches include 10 critical vulnerabilities and two zero-days.
Products impacted this these security updates include Windows, Microsoft Office, Edge, Hyper-V, Dynamics, File Server, Windows SMB and Skype for Business.
This latest round of patches, usually released every second Tuesday of each month (hence the name Patch Tuesday), addresses a number of issues, including remote code execution and elevation of privilege bugs in addition to denial-of-service, information leaks and spoofing issues. The number of bugs in each category is:
- 47 Elevation of Privilege vulnerabilities.
- 47 Remote Code Execution vulnerabilities.
- 13 Information disclosure vulnerabilities.
- 9 Denial of Service vulnerabilities.
- 3 Spoofing vulnerabilities.
- 26 Edge (Chromium) vulnerabilities.
The 26 Edge (Chromium) vulnerabilities aren’t included in Microsoft’s patch count. The two zero-day vulnerabilities are as follows.
Vulnerability | Description |
---|---|
VE-2022-24521 | This is a privilege escalation bug in the Windows Common Log File System Driver. Microsoft has stated that the vulnerability is actively being exploited despite the bug not being public until now. The issue has a CVSS score of 7.8. |
CVE-2022-26904 | This is a known zero-day escalation of privilege flaw that affects the Windows User Profile Service. According to Microsoft, the attack complexity is high as it causes an attacker to win a race condition. The vulnerability has a CVSS score of 7.0. |
Ten critical vulnerabilities have been patched in this round.
Impacted Product | Vulnerability | Vulnerability type |
---|---|---|
LDAP – Lightweight Directory Access Protocol | CVE-2022-26919 | Remote Code Execution |
Microsoft Dynamics | CVE-2022-23259 | Remote Code Execution |
Windows Hyper-V | CVE-2022-22008 | Remote Code Execution |
Windows Hyper-V | CVE-2022-24537 | Remote Code Execution |
Windows Hyper-V | CVE-2022-23257 | Remote Code Execution |
Windows Network File System | CVE-2022-24491 | Remote Code Execution |
Windows Network File System | CVE-2022-24497 | Remote Code Execution |
Windows Remote Procedure Call Runtime | CVE-2022-26809 | Remote Code Execution |
Windows SMB | CVE-2022-24541 | Remote Code Execution |
Windows SMB | CVE-2022-24500 | Remote Code Execution |
 In the News: Russian cyberattack on Ukrainian energy provider disrupted