Rewterz Threat Advisory – Multiple Microsoft Patch Tuesday Vulnerabilities

April 13, 2022

Severity

High

Analysis Summary

The following Microsoft Patch Tuesday vulnerabilities were released in April:

| CVE | Title | Severity | CVSS | Type |
|---|---|---|---|---|
| CVE-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26904 | Windows User Profile Service Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-23259 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical | 8.8 | RCE |
| CVE-2022-26809 | RPC Runtime Library Remote Code Execution Vulnerability | Critical | 9.8 | RCE |
| CVE-2022-22008 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.7 | RCE |
| CVE-2022-23257 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 8.6 | RCE |
| CVE-2022-24537 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.7 | RCE |
| CVE-2022-26919 | Windows LDAP Remote Code Execution Vulnerability | Critical | 8.1 | RCE |
| CVE-2022-24491 | Windows Network File System Remote Code Execution Vulnerability | Critical | 9.8 | RCE |
| CVE-2022-24497 | Windows Network File System Remote Code Execution Vulnerability | Critical | 9.8 | RCE |
| CVE-2022-24541 | Windows Server Service Remote Code Execution Vulnerability | Critical | 8.8 | RCE |
| CVE-2022-24500 | Windows SMB Remote Code Execution Vulnerability | Critical | 8.8 | RCE |
| CVE-2022-26832 | .NET Framework Denial of Service Vulnerability | Important | 7.5 | DoS |
| CVE-2022-26907 | Azure SDK for .NET Information Disclosure Vulnerability | Important | 5.3 | Info |
| CVE-2022-26896 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | EoP |
| CVE-2022-26897 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | EoP |
| CVE-2022-26898 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-24489 | Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24479 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26830 | DiskUsage.exe Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-24767 | GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account | Important | Unknown | EoP |
| CVE-2022-24765 | GitHub: Uncontrolled search for the Git directory in Git for Windows | Important | Unknown | EoP |
| CVE-2022-24532 | HEVC Video Extensions Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-24496 | Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | Important | 5.5 | DoS |
| CVE-2022-24475 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | EoP |
| CVE-2022-26891 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | EoP |
| CVE-2022-26894 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | EoP |
| CVE-2022-26895 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | EoP |
| CVE-2022-26900 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | EoP |
| CVE-2022-26908 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | EoP |
| CVE-2022-24473 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-26901 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-26924 | YARP Denial of Service Vulnerability | Important | 7.5 | DoS |
| CVE-2022-24493 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | Important | 5.5 | Info |
| CVE-2022-23292 | Microsoft Power BI Spoofing Vulnerability | Important | 7.1 | Spoofing |
| CVE-2022-24472 | Microsoft SharePoint Server Spoofing Vulnerability | Important | 8 | Spoofing |
| CVE-2022-26788 | PowerShell Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24533 | Remote Desktop Protocol Remote Code Execution Vulnerability | Important | 8 | RCE |
| CVE-2022-24492 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | RCE |
| CVE-2022-24528 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important | 8.8 | RCE |
| CVE-2022-26910 | Skype for Business and Lync Spoofing Vulnerability | Important | 5.3 | Spoofing |
| CVE-2022-26911 | Skype for Business Information Disclosure Vulnerability | Important | 6.5 | Info |
| CVE-2022-26921 | Visual Studio Code Elevation of Privilege Vulnerability | Important | Unknown | EoP |
| CVE-2022-24513 | Visual Studio Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-21983 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-26914 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24482 | Windows ALPC Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-24540 | Windows ALPC Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-24494 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24549 | Windows AppX Package Manager Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26828 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-24484 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important | 5.5 | DoS |
| CVE-2022-24538 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important | 6.5 | DoS |
| CVE-2022-26784 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important | 6.5 | DoS |
| CVE-2022-24481 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24488 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24547 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24495 | Windows Direct Show – Remote Code Execution Vulnerability | Important | 7 | RCE |
| CVE-2022-26816 | Windows DNS Server Information Disclosure Vulnerability | Important | 4.9 | Info |
| CVE-2022-24536 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26811 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26812 | Windows DNS Server Remote Code Execution Vulnerability | Important | 6.7 | RCE |
| CVE-2022-26813 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26814 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-26815 | Windows DNS Server Remote Code Execution Vulnerability | Important | 8.8 | RCE |
| CVE-2022-26817 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-26818 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-26819 | Windows DNS Server Remote Code Execution Vulnerability | Important | 6.6 | RCE |
| CVE-2022-26820 | Windows DNS Server Remote Code Execution Vulnerability | Important | 6.6 | RCE |
| CVE-2022-26821 | Windows DNS Server Remote Code Execution Vulnerability | Important | 6.6 | RCE |
| CVE-2022-26822 | Windows DNS Server Remote Code Execution Vulnerability | Important | 6.6 | RCE |
| CVE-2022-26823 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26824 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26825 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26826 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.2 | RCE |
| CVE-2022-26829 | Windows DNS Server Remote Code Execution Vulnerability | Important | 7.5 | RCE |
| CVE-2022-24546 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24527 | Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26916 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-26917 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-26918 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-26808 | Windows File Explorer Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-26810 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26827 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-26920 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 | Info |
| CVE-2022-26903 | Windows Graphics Component Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-23268 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.5 | DoS |
| CVE-2022-22009 | Windows Hyper-V Remote Code Execution Vulnerability | Important | 7.7 | RCE |
| CVE-2022-24490 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important | 8.1 | Info |
| CVE-2022-24539 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important | 8.1 | Info |
| CVE-2022-26783 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important | 6.5 | Info |
| CVE-2022-26785 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important | 6.5 | Info |
| CVE-2022-24499 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24530 | Windows Installer Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24498 | Windows iSCSI Target Service Information Disclosure Vulnerability | Important | 6.5 | Info |
| CVE-2022-24486 | Windows Kerberos Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24544 | Windows Kerberos Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24545 | Windows Kerberos Remote Code Execution Vulnerability | Important | 8.1 | RCE |
| CVE-2022-24483 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | Info |
| CVE-2022-26831 | Windows LDAP Denial of Service Vulnerability | Important | 7.5 | DoS |
| CVE-2022-24487 | Windows Local Security Authority (LSA) Remote Code Execution Vulnerability | Important | 8.8 | RCE |
| CVE-2022-26786 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26787 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26789 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26790 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26791 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26792 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26794 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26795 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26796 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26797 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26798 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26801 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26802 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26803 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26915 | Windows Secure Channel Denial of Service Vulnerability | Important | 7.5 | DoS |
| CVE-2022-24550 | Windows Telephony Server Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24543 | Windows Upgrade Assistant Remote Code Execution Vulnerability | Important | 7.8 | RCE |
| CVE-2022-24474 | Windows Win32k Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-24542 | Windows Win32k Elevation of Privilege Vulnerability | Important | 7.8 | EoP |
| CVE-2022-26807 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important | 7 | EoP |
| CVE-2022-26909 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate | 8.3 | EoP |
| CVE-2022-26912 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate | 8.3 | EoP |
| CVE-2022-24523 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate | 4.3 | EoP |
| CVE-2022-1129 * | Chromium: Inappropriate implementation in Full Screen Mode | High | N/A | RCE |
| CVE-2022-1128 * | Chromium: Inappropriate implementation in Web Share API | High | N/A | RCE |
| CVE-2022-1130 * | Chromium: Insufficient validation of untrusted input in WebOTP | High | N/A | RCE |
| CVE-2022-1134 * | Chromium: Type Confusion in V8 | High | N/A | RCE |
| CVE-2022-1232 * | Chromium: Type Confusion in V8 | High | N/A | RCE |
| CVE-2022-1131 * | Chromium: Use after free in Cast UI | High | N/A | RCE |
| CVE-2022-1125 * | Chromium: Use after free in Portals | High | N/A | RCE |
| CVE-2022-1127 * | Chromium: Use after free in QR Code Generator | High | N/A | RCE |
| CVE-2022-1133 * | Chromium: Use after free in WebRTC | High | N/A | RCE |
| CVE-2022-1143 * | Chromium: Heap buffer overflow in WebUI | Medium | N/A | RCE |
| CVE-2022-1139 * | Chromium: Inappropriate implementation in Background Fetch API | Medium | N/A | N/A |
| CVE-2022-1137 * | Chromium: Inappropriate implementation in Extensions | Medium | N/A | N/A |
| CVE-2022-1138 * | Chromium: Inappropriate implementation in Web Cursor | Medium | N/A | N/A |
| CVE-2022-1145 * | Chromium: Use after free in Extensions | Medium | N/A | RCE |
| CVE-2022-1135 * | Chromium: Use after free in Shopping Cart | Medium | N/A | RCE |
| CVE-2022-1136 * | Chromium: Use after free in Tab Strip | Medium | N/A | RCE |
| CVE-2022-1146 * | Chromium: Inappropriate implementation in Resource Timing | Low | N/A | EoP |

Impact

  • Privilege Escalation
  • Remote Code Execution
  • Denial of Service
  • Information Disclosure

Indicator Of Compromise

CVE


Remediation

Refer to Microsoft Security Advisory for patch, upgrade, or suggested workaround information.

Microsoft Patches Update
