Included in the latest Patch Tuesday are 73 new vulnerability patches; 6 critical, 2 publicly disclosed and 1 exploited in the wild. This is a decrease of 44 compared to last month's Patch Tuesday release.
May’s instalment includes patches for some key software such as:
This is an important vulnerability affecting Windows Local Security Authority, part of the Windows Client Authentication Architecture which authenticates and creates a logon Session to the Local Computer. This could allow a hacker to produce a man-in-the-middle attack on domain controllers to authenticate the hacker. This vulnerability has been reported to be publicly disclosed and exploited in the wild.
With a critical CVSS of 9.8, a hacker could remotely execute code with a system using the windows NFS service by sending a specially crafted call all while remaining unauthenticated. This could allow a hacker a foothold to access a system by deploying a backdoor. Luckily, this vulnerability hasn’t been seen in the wild nor is it publicly disclosed.
Another critical vulnerability in this month's line-up, with a CVSS of 8.8 exploiting this vulnerability would allow an authenticated user to manipulate attributes on computer accounts they own or manage and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege.
This important vulnerability with a CVSS of 5.6 would allow a hacker to manipulate an input to a Hyper-V component causing a Denial of Service. Successful exploitation of this vulnerability requires a hacker to win a race condition. This vulnerability has been publicly disclosed.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://msrc.microsoft.com/update-guide/releaseNote/2022-May/
Security update guide: https://msrc.microsoft.com/update-guide/
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
