Tripwire Patch Priority Index for March 2022 | The State of Security


Tripwire’s March 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google Chrome, and Spring Framework.

First on the patch priority list this month is a remote code execution vulnerability in the Spring Framework (CVE-2022-22965). This vulnerability has been added to the Metasploit Exploit Framework and any vulnerable systems should be patched as soon as possible. See the following link for more details: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement

Next is a patch for Google Chrome that resolves a use after free vulnerability. This vulnerability has been targeted by two threat groups referred to as Operation AppleJeus and Operation Dream Job who are using exploit kits to target this vulnerability. Vulnerable systems should be patched as soon as possible. More details can be found at the following link: https://blog.google/threat-analysis-group/countering-threats-north-korea/

Up next are patches for Microsoft Word and Visio. These patches resolve 5 vulnerabilities including tampering, security feature bypass, and remote code execution vulnerabilities.

Up next are patches for Microsoft Edge (Chromium-base) that resolve over 21 vulnerabilities such as user after free, type confusion, heap buffer overflow, tampering, and elevation of privilege vulnerabilities.

Following Edge are patches that affect components of the Windows operating systems. These patches resolve over 25 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, DWM Core Library, Windows Defender, Fast FAT File System Driver, Media Center, Windows Installer, SMBv3, Remote Desktop, and others.

Up next are patches for Windows Codec Library (HEIF Image Extensions, HEIF Video Extensions, Media Foundation, Raw Image Extension, VP9 Video Extensions) and Paint 3D. These patches resolve 14 vulnerabilities including remote code execution and information disclosure.

Next are patches for the .NET, Visual Studio, and Visual Studio Code that resolve denial of service, remote code execution, buffer overflow, and spoofing vulnerabilities.

Lastly, administrators should focus on server-side patches for Hyper-V and Exchange Server. These patches resolve remote code execution, spoofing, and denial of service vulnerabilities.

BULLETIN CVE
Exploit Framework – Metasploit CVE-2022-22965
Google Chrome CVE-2022-0609
Microsoft Office Word CVE-2022-24511, CVE-2022-24462
Microsoft Office Visio CVE-2022-24510, CVE-2022-24509, CVE-2022-24461
Microsoft Edge (Chromium-based) CVE-2022-0789, CVE-2022-0790, CVE-2022-0791, CVE-2022-0792, CVE-2022-0793, CVE-2022-0794, CVE-2022-0795, CVE-2022-0796, CVE-2022-0797, CVE-2022-0798, CVE-2022-0799, CVE-2022-0800, CVE-2022-0801, CVE-2022-0802, CVE-2022-0803, CVE-2022-0804, CVE-2022-0805, CVE-2022-0806, CVE-2022-0807, CVE-2022-0808, CVE-2022-0809
Microsoft Windows CVE-2022-23293, CVE-2022-24460, CVE-2022-21973, CVE-2022-23296, CVE-2022-23281, CVE-2022-23290, CVE-2022-24454, CVE-2022-24507, CVE-2022-23294, CVE-2022-24508, CVE-2022-23297, CVE-2022-23298, CVE-2022-23291, CVE-2022-23288, CVE-2022-23253, CVE-2022-23285, CVE-2022-21990, CVE-2022-24503, CVE-2022-24455, CVE-2022-24525, CVE-2022-23284, CVE-2022-23299, CVE-2022-24502, CVE-2022-24505, CVE-2022-23283, CVE-2022-23287, CVE-2022-23286, CVE-2022-24459, CVE-2022-23278
Microsoft Windows Codecs Library CVE-2022-24457, CVE-2022-22006, CVE-2022-22007, CVE-2022-23301, CVE-2022-24456, CVE-2022-24453, CVE-2022-24452, CVE-2022-22010, CVE-2022-21977, CVE-2022-23300, CVE-2022-23295, CVE-2022-24451, CVE-2022-24501
Paint 3D CVE-2022-23282
NET, Visual Studio, Visual Studio Code CVE-2022-24464, CVE-2022-24512, CVE-2020-8927, CVE-2022-24526
Microsoft Exchange Server CVE-2022-23277, CVE-2022-24463
Role: Windows Hyper-V CVE-2022-21975



Source link