Update fixes major bugs from Microsoft
Many security vulnerabilities remain hidden until a thorough assessment reveals them. This is how during one of these reviews major bugs were reported by Microsoft security experts. The tests carried out confirm that these breaches are ofextremely dangerous if exploited by hackers. Therefore, to limit the damage, a security patch has been implemented.
In fact, the majority of the vulnerabilities discovered attack computer systems by bypassing privilege checking devices. In addition, two other flaws in the Edge browser running on Chromium have also been resolved in parallel by the technology giant Microsoft.
For now, little information is available on the real nature of the flaws, as well as the extent of the damage, if they are used by hackers. In addition, some of these breaches were notified by Sergey GlazunovGoogle Project Zero researcher.
A series of major flaws finally resolved
The most important of the recent security fixes is CVE-2022-22047. This is actually a case of short privileges in the Windows Client Server Runtime subfiles. According to assessments by security experts, this flaw could be abused by an attacker to gain SYSTEM permissions.
” With this privilege, spies are able to bypass local applications such as reconnaissance and exit management devices with SYSTEM access. These hackers could also install programs like Mimikatz, which will allow them to steal more administrative and domain rights.»
Kev Breen, Cyber Threat Research Manager at Immersive Labs
Underlying flaws have also been fixed
Apart from CVE-2022-22047, many privilege escalation bugs have been fixed in the same category of network files. These include security breaches CVE-2022-22026 and CVE-2022-22049. Besides, security experts have also resolved numerous remote script execution flaws in Windows networking component set.
However, the latest security patch contains within it the solution to 32 issues reported in Azure Site Recovery Business Continuity Department. Some of these breaches are responsible for code execution from remote servers and others relate to privilege escalation.
” A spy who bypassed the local authentication firewalls would be able to manipulate sensitive information belonging to the CSRSS service. By doing so, this hacker will elevate their user rights.»
Microsoft Software Security Experts