1 min read

Microsoft May Patch Tuesday Fixes Actively Exploited Vulnerability

Vlad CONSTANTINESCU
Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Microsoft May Patch Tuesday Fixes Actively Exploited Vulnerability

Microsoft’s Patch Tuesday this month addresses 74 security flaws, including seven high-risk vulnerabilities, 66 important ones, and one flagged as low severity.

Security experts noticed at least one of the patched flaws was under active attack using public exploit codes. Two other vulnerabilities are listed as having public exploit code, but no reports suggest active attacks against them.

The actively exploited vulnerability is a Windows LSA (Local Security Authority) spoofing flaw that could let unauthenticated attackers "coerce the domain controller to authenticate to the attacker using NTLM," according to Microsoft.

The LSA flaw, tracked as CVE-2022-26925, has a CVSS severity score of 8.3. However, “the combined CVSS score would be 9.8 when this vulnerability is chained with the noted NTLM Relay Attacks on Active Directory Certificate Services (AD CS),” Microsoft says.

This month’s Patch Tuesday rollout can help users fend off this attack by detecting anonymous LSARPC connection attempts and disallowing them. System and network administrators are also advised to review the KB5005413 documentation that can help them take further steps to protect networks against NTLM Relay Attacks.

One of the bugs listed with public exploit code is a vulnerability in Azure Synapse and Azure Data Factory pipelines tracked as CVE-2022-29972. Threat actors could leverage this flaw to "perform remote command execution across IR infrastructure not limited to a single tenant.”

The other publicly disclosed exploit code vulnerability is a Windows Hyper-V denial-of-service vulnerability tracked as CVE-2022-22713. However, researchers believe this bug is less likely to be exploited as it requires attackers to “win a race condition.”

To prevent attackers from exploiting these vulnerabilities and others, users should prioritize applying Microsoft’s monthly update rollout. The updates should be installed automatically on most systems, but you can also perform a manual Windows Update check and apply any recommended patches.

tags


Author



Right now

Top posts

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Internet Service Providers Help Spyware Vendor Infect iOS and Android Devices Internet Service Providers Help Spyware Vendor Infect iOS and Android Devices
Vlad CONSTANTINESCU

June 24, 2022

2 min read
QNAP NAS Devices Vulnerable to Remote Attacks Through Critical PHP Flaw Exploit QNAP NAS Devices Vulnerable to Remote Attacks Through Critical PHP Flaw Exploit
Vlad CONSTANTINESCU

June 23, 2022

2 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021 Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
Filip TRUȚĂ

June 22, 2022

1 min read