High Threat Security Alert (A22-02-02): Multiple Vulnerabilities in Microsoft Products (February 2022)

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:

https://msrc.microsoft.com/update-guide/releaseNote/2022-Feb

Reports indicated that the technical details of an elevation of privilege vulnerability in Microsoft Windows and Server (CVE-2022-21989) were publicly disclosed and multiple vulnerabilities (CVE-2022-21984, CVE-2022-21995, CVE-2022-21997, CVE-2022-21999, CVE-2022-22005, CVE-2022-22717 and CVE-2022-22718) are at a high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• Microsoft Windows 7, 8.1, RT 8.1, 10, 11
• Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 2022, 2022 Azure Edition Core Hotpatch
• Microsoft Windows Server, version 20H2
• Microsoft Office 2013, 2013 Click-to-Run, 2013 RT, 2016, 2019, 2019 for Mac, LTSC 2021, LTSC for Mac 2021
• Microsoft Office Online Server
• Microsoft Office Web Apps Server 2013
• Microsoft Excel 2013, 2013 RT, 2016
• Microsoft Outlook 2016 for Mac
• Microsoft SharePoint Enterprise Server 2013, 2016
• Microsoft SharePoint Foundation 2013
• Microsoft SharePoint Server 2019, Subscription Edition
• Microsoft 365 Apps for Enterprise
• Microsoft Dynamics 365 (on-premises) version 8.2, version 9.0
• Microsoft Visual Studio 2019, 2022
• Visual Studio 2019 for Mac version 8.10
• Visual Studio Code
• .NET 5.0, 6.0
• Azure Data Explorer
• HEVC Video Extensions
• Microsoft Teams for Android, iOS
• Microsoft Teams Admin Center
• OneDrive for Android
• SQL Server 2019 for Linux Containers
• VP9 Video Extensions

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security feature bypass and spoofing.

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

• https://msrc.microsoft.com/update-guide/releaseNote/2022-Feb
• https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-february-2022
• https://www.cisa.gov/uscert/ncas/current-activity/2022/02/08/microsoft-releases-february-2022-security-updates
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21844
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21926
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21927
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21957
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21965
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21968
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21971
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21974
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21981
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21984 (to CVE-2022-21989)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21991 (to CVE-2022-22005)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22709
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22710
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22712
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22715 (to CVE-2022-22718)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23252
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23254 (to CVE-2022-23256)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23269
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23271 (to CVE-2022-23274)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23276
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23280