Administrators and users have a lot to do on Microsoft’s August patch day: the manufacturer is providing bug fixes for 121 security vulnerabilities. One of the vulnerabilities is already being attacked by cybercriminals, so it is a zero-day vulnerability. Microsoft classifies a total of 17 security-related errors as a critical risk.
The zero-day vulnerability is once again in the Microsoft Windows Support Diagnostic Tool (MSDT). The company explains that attackers could use manipulated emails or prepared websites to send potential victims files that exploit the error to compromise the computer. With e-mail, victims would have to open the file; with a web server, according to Microsoft's explanation, visiting the website is sufficient (CVE-2022-34713, CVSS 7.8, risk "high"). It is a variant of the MSDT gaps, also known as DogWalk.
A gap in the Windows Point-to-Point Protocol (PPP) also stands out. According to Microsoft, attackers on the network could exploit the vulnerability without authentication and without user interaction, so the vulnerability has worm potential. It is sufficient to send a prepared connection request to the RAS server. Especially if the port is accessible from the Internet, administrators should quickly install the patch (CVE-2022-30133, CVSS 9.8, risk "critical").
Details of a vulnerability in Exchange that could allow attackers to obtain information are already publicly available (CVE-2022-30134, CVSS 7.6, risk "high"). In the mail server, Microsoft closes another five vulnerabilities, three of which are critical. Because Exchange vulnerabilities have been heavily targeted by cybercriminals in the past, Microsoft rates three vulnerabilities, which allow escalation of privileges, as likely to be exploited.
The gaps are spread across many of the company's products. 44 of the vulnerabilities relate to the Azure portfolio of cloud services. Microsoft's list is quite extensive. Patches will be available in August for:

- .NET Core
- Active Directory Domain Services
- Azure Batch Node Agent
- Azure Real-Time OS
- Azure Site Recovery
- Azure Sphere
- Microsoft ATA Port Driver
- Microsoft Bluetooth Driver
- Microsoft Edge (Chromium-based)
- Microsoft Exchange Server
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office Outlook
- Microsoft Windows Support Diagnostic Tool (MSDT)
- RAS Service Point-to-Point Tunneling Protocol
- Role: Windows Fax Service
- Role: Windows Hyper-V
- System Center Operations Manager
- Visual Studio
- Windows Bluetooth Service
- Windows Canonical Display Driver
- Windows Cloud Files Mini Filter Driver
- Windows Defender Credential Guard
- Windows Digital Media
- Windows Error Reporting
- Windows Hello
- Windows Internet Information Services
- Windows Kerberos
- Windows Kernel
- Windows Local Security Authority (LSA)
- Windows Network File System
- Windows Partition Management Drivers
- Windows Point-to-Point Tunneling Protocol
- Windows Printer Spooler Components
- Windows Secure Boot
- Windows Secure Socket Tunneling Protocol (SSTP)
- Windows Storage Spaces Direct
- Windows Unified Write Filter
- Windows WebBrowser Control
- Windows Win32K
Administrators should apply the updates as soon as possible, especially given that a vulnerability is already being actively attacked. In addition, the vulnerabilities classified as critical pose a threat to computer and network security.