مایکروسافت، وصله های به روز رسانی سه شنبه ماه آپریل خود را منتشر کرد، این به روز رسانی شامل رفع 119 آسیب پذیری (بجز 26 آسیب پذیری موجود در Microsoft Edge) است که 2 آسیب پذیری Zero-day و 10 آسیب پذیری حیاتی مربوطه به اجرای کد از راه دور را نیز در برمیگیرد.
آسیب پذیری های Zero-Day
یکی از این آسیب پذیری های Zero-day به صورت عمومی منتشر شده و دیگری به صورت فعال در حملات سایبری مورد سواستفاده قرار میگیرد.
- CVE-2022-26904 – Windows User Profile Service Elevation of Privilege Vulnerability
این آسیب پذیری به صورت عمومی منتشر شده و یک باگ در امتیازات دسترسی است که توسط CrowdStrike و NSA کشف شده است.
- CVE-2022-24521 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
با توجه به اینکه مایکروسافت وصله های این آسیب پذیری ها را منتشر کرده است و در خصوص آنها اطلاع رسانی نموده است، انتظار می رود که مهاجمان این آسیب پذیری ها را مورد تجزیه و تحلیل قرار دهند و به دنبال نحوه سوء استفاده از آنها در سیستم هایی که به روز نیستند، باشند. بنابراین توصیه می کنیم بلافاصله این به روز رسانی ها را دریافت و نصب نمایید.
در جدول زیر آسیب پذیری های این ماه مایکروسافت به صورت کامل لیست شده است:
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
.NET Framework | CVE-2022-26832 | .NET Framework Denial of Service Vulnerability | Important |
Active Directory Domain Services | CVE-2022-26814 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Active Directory Domain Services | CVE-2022-26817 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Azure SDK | CVE-2022-26907 | Azure SDK for .NET Information Disclosure Vulnerability | Important |
Azure Site Recovery | CVE-2022-26898 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-26897 | Azure Site Recovery Information Disclosure Vulnerability | Important |
Azure Site Recovery | CVE-2022-26896 | Azure Site Recovery Information Disclosure Vulnerability | Important |
LDAP – Lightweight Directory Access Protocol | CVE-2022-26831 | Windows LDAP Denial of Service Vulnerability | Important |
LDAP – Lightweight Directory Access Protocol | CVE-2022-26919 | Windows LDAP Remote Code Execution Vulnerability | Critical |
Microsoft Bluetooth Driver | CVE-2022-26828 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important |
Microsoft Dynamics | CVE-2022-23259 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | Critical |
Microsoft Edge (Chromium-based) | CVE-2022-26909 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-1139 | Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-26912 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-26908 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1146 | Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-26895 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-26900 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-26894 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1232 | Chromium: CVE-2022-1232 Type Confusion in V8 | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-26891 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1125 | Chromium: CVE-2022-1125 Use after free in Portals | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1136 | Chromium: CVE-2022-1136 Use after free in Tab Strip | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-24475 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-1145 | Chromium: CVE-2022-1145 Use after free in Extensions | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1135 | Chromium: CVE-2022-1135 Use after free in Shopping Cart | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1138 | Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1143 | Chromium: CVE-2022-1143 Heap buffer overflow in WebUI | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-24523 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-1137 | Chromium: CVE-2022-1137 Inappropriate implementation in Extensions | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1134 | Chromium: CVE-2022-1134 Type Confusion in V8 | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1127 | Chromium: CVE-2022-1127 Use after free in QR Code Generator | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1128 | Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1133 | Chromium: CVE-2022-1133 Use after free in WebRTC | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1130 | Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1129 | Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-1131 | Chromium: CVE-2022-1131 Use after free in Cast UI | Unknown |
Microsoft Graphics Component | CVE-2022-26920 | Windows Graphics Component Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2022-26903 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
Microsoft Local Security Authority Server (lsasrv) | CVE-2022-24493 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | Important |
Microsoft Office Excel | CVE-2022-24473 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2022-26901 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2022-24472 | Microsoft SharePoint Server Spoofing Vulnerability | Important |
Microsoft Windows ALPC | CVE-2022-24482 | Windows ALPC Elevation of Privilege Vulnerability | Important |
Microsoft Windows ALPC | CVE-2022-24540 | Windows ALPC Elevation of Privilege Vulnerability | Important |
Microsoft Windows Codecs Library | CVE-2022-24532 | HEVC Video Extensions Remote Code Execution Vulnerability | Important |
Microsoft Windows Media Foundation | CVE-2022-24495 | Windows Direct Show – Remote Code Execution Vulnerability | Important |
Power BI | CVE-2022-23292 | Microsoft Power BI Spoofing Vulnerability | Important |
Role: DNS Server | CVE-2022-26815 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26816 | Windows DNS Server Information Disclosure Vulnerability | Important |
Role: DNS Server | CVE-2022-24536 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26824 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26823 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26822 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26829 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26826 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26825 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26821 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26820 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26813 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26818 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26819 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26811 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: DNS Server | CVE-2022-26812 | Windows DNS Server Remote Code Execution Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-22008 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-24490 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-24539 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-26785 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-26783 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-24537 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-23268 | Windows Hyper-V Denial of Service Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-23257 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-22009 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
Skype for Business | CVE-2022-26911 | Skype for Business Information Disclosure Vulnerability | Important |
Skype for Business | CVE-2022-26910 | Skype for Business and Lync Spoofing Vulnerability | Important |
Visual Studio | CVE-2022-24767 | GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account | Important |
Visual Studio | CVE-2022-24765 | GitHub: Uncontrolled search for the Git directory in Git for Windows | Important |
Visual Studio | CVE-2022-24513 | Visual Studio Elevation of Privilege Vulnerability | Important |
Visual Studio Code | CVE-2022-26921 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
Windows Ancillary Function Driver for WinSock | CVE-2022-24494 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
Windows App Store | CVE-2022-24488 | Windows Desktop Bridge Elevation of Privilege Vulnerability | Important |
Windows AppX Package Manager | CVE-2022-24549 | Windows AppX Package Manager Elevation of Privilege Vulnerability | Important |
Windows Cluster Client Failover | CVE-2022-24489 | Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-24538 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-26784 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
Windows Cluster Shared Volume (CSV) | CVE-2022-24484 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | Important |
Windows Common Log File System Driver | CVE-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows Common Log File System Driver | CVE-2022-24481 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows Defender | CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | Important |
Windows DWM Core Library | CVE-2022-24546 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
Windows Endpoint Configuration Manager | CVE-2022-24527 | Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability | Important |
Windows Fax Compose Form | CVE-2022-26917 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
Windows Fax Compose Form | CVE-2022-26916 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
Windows Fax Compose Form | CVE-2022-26918 | Windows Fax Compose Form Remote Code Execution Vulnerability | Important |
Windows Feedback Hub | CVE-2022-24479 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important |
Windows File Explorer | CVE-2022-26808 | Windows File Explorer Elevation of Privilege Vulnerability | Important |
Windows File Server | CVE-2022-26827 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important |
Windows File Server | CVE-2022-26810 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2022-24499 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2022-24530 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows iSCSI Target Service | CVE-2022-24498 | Windows iSCSI Target Service Information Disclosure Vulnerability | Important |
Windows Kerberos | CVE-2022-24545 | Windows Kerberos Remote Code Execution Vulnerability | Important |
Windows Kerberos | CVE-2022-24486 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
Windows Kerberos | CVE-2022-24544 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-24483 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Local Security Authority Subsystem Service | CVE-2022-24487 | Windows Local Security Authority (LSA) Remote Code Execution Vulnerability | Important |
Windows Local Security Authority Subsystem Service | CVE-2022-24496 | Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
Windows Media | CVE-2022-24547 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
Windows Network File System | CVE-2022-24491 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows Network File System | CVE-2022-24497 | Windows Network File System Remote Code Execution Vulnerability | Critical |
Windows PowerShell | CVE-2022-26788 | PowerShell Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26789 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26787 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26786 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26796 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26790 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26803 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26802 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26794 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26795 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26797 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26798 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26791 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26801 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-26792 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows RDP | CVE-2022-24533 | Remote Desktop Protocol Remote Code Execution Vulnerability | Important |
Windows Remote Procedure Call Runtime | CVE-2022-26809 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Critical |
Windows Remote Procedure Call Runtime | CVE-2022-24528 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
Windows Remote Procedure Call Runtime | CVE-2022-24492 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
Windows schannel | CVE-2022-26915 | Windows Secure Channel Denial of Service Vulnerability | Important |
Windows SMB | CVE-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2022-26830 | DiskUsage.exe Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2022-21983 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important |
Windows SMB | CVE-2022-24541 | Windows Server Service Remote Code Execution Vulnerability | Critical |
Windows SMB | CVE-2022-24500 | Windows SMB Remote Code Execution Vulnerability | Critical |
Windows SMB | CVE-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | Important |
Windows Telephony Server | CVE-2022-24550 | Windows Telephony Server Elevation of Privilege Vulnerability | Important |
Windows Upgrade Assistant | CVE-2022-24543 | Windows Upgrade Assistant Remote Code Execution Vulnerability | Important |
Windows User Profile Service | CVE-2022-26904 | Windows User Profile Service Elevation of Privilege Vulnerability | Important |
Windows Win32K | CVE-2022-24474 | Windows Win32k Elevation of Privilege Vulnerability | Important |
Windows Win32K | CVE-2022-26914 | Win32k Elevation of Privilege Vulnerability | Important |
Windows Win32K | CVE-2022-24542 | Windows Win32k Elevation of Privilege Vulnerability | Important |
Windows Work Folder Service | CVE-2022-26807 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
YARP reverse proxy | CVE-2022-26924 | YARP Denial of Service Vulnerability | Important |
منبع :