his weeks Cytidel Intel Insights explores Microsoft's July patch Tuesday and looks into the actively exploited zero-day - CVE-2022-22047.
On this week’s Cytidel Intelligence Insights, we’re analysing Microsoft’s Patch Tuesday release which fixed 84 vulnerabilities, of which, 4 are critical and previously undisclosed. The key vulnerability being focused on is CVE-2022-22047 as this is a zero-day being actively exploited in the wild.
What Is It?
CVE-2022-22047 is a privilege elevation vulnerability affecting Windows CSRSS (Client Server Run-Time Subsystem) which controls the underlying layer for the Windows environment. While the CVSS for this is rated at 7.8, Microsoft have advised the complexity of the vulnerability is low, required privileges are low, and there is no user interaction required which makes this particularly interesting.
Why Should I Care?
It’s important to keep up to date with the latest Windows patches due to the volume of vulnerabilities fixed during each patch Tuesday and the volume of attacks targeting the Windows operating system. Maintaining your Windows patches ensures you’re protected against the latest known threats targeting the Windows operating system and reduces your overall risk exposure. CVE-2022-22047 is currently rated in the 25th percentile of all vulnerabilities exploited, therefore should be monitored however fixing it is as simple as installing the latest Windows security patches.
Am I Vulnerable?
If you haven’t installed the July Windows security patches, yes. However fixes have been released and installing the latest available updates will mitigate these vulnerabilities.
Important Note
At the time of writing, some users have been reporting issues with Microsoft Access applications following the install of the July security patches. This has led to some users unable to open Access applications. Microsoft are currently investigating this issue and will release a fix once the root cause has been identified. If you rely on Access applications, you can follow the Microsoft advisory here.
For more information on weekly vulnerability trends, make sure to subscribe to Cytidel on LinkedIn to keep up to date. If you have any questions on how Cytidel can help your company or organisation with vulnerability management please contact hello@cytidel.com