"Go patch your systems before" the exploit spreads more widely, ZDI warns.
Microsoft today issued 128 patches in a total of 145 CVEs this month for security vulnerabilities in Windows, Defender, Edge, Exchange Server, Office, SharePoint, DNS server, Windows Print Spooler, and other software.
An elevation-of-privilege flaw in the Windows Common Log File System Driver (CVE-2022-24521) is already being exploited in the wild. It was reported to Microsoft by the National Security Agency and researchers from CrowdStrike. "Since this vulnerability only allows a privilege escalation, it is likely paired with a separate code execution bug," ZDI wrote in its analysis of the April batch of Microsoft patches. "It's not stated how widely the exploit is being used in the wild, but it's likely still targeted at this point and not broadly available. Go patch your systems before that situation changes."
There are 10 critical vulns among the security updates today, including two that ZDI says could be abused as worms: a remote code execution bug in RPC Runtime Library (CVE-2022-26809) and a remote code execution flaw in Windows Network File System (CVE-2022-24491/24497).