1/11/22 Patch Tuesday Addresses Over 90 Vulnerabilities & 6 Zero-Day Exploits

Threat Summary

On Tuesday, January 11, 2022, Microsoft released patches to address 90+ vulnerabilities, including six zero-day exploits. Of the vulnerabilities identified, nine are classified as Critical, and the remaining vulnerabilities are classified as Important.

The nearly 100 vulnerabilities identified fall into the following categories by impact:

  • Elevation of Privilege vulnerabilities
  • Security Feature Bypass vulnerabilities
  • Remote Code Execution vulnerabilities
  • Information Disclosure vulnerabilities
  • Denial of Service vulnerabilities
  • Spoofing vulnerabilities

The following are zero-day vulnerabilities addressed by this patch release:

  • CVE-2021-22947 - Open Source Curl Remote Code Execution Vulnerability
  • CVE-2021-36976 - Libarchive Remote Code Execution Vulnerability
  • CVE-2022-21919 - Windows User Profile Service Elevation of Privilege Vulnerability
  • CVE-2022-21836 - Windows Certificate Spoofing Vulnerability
  • CVE-2022-21839 - Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability
  • CVE-2022-21874 - Windows Security Center API Remote Code Execution Vulnerability

*The six zero-day vulnerabilities listed above are not known to have been exploited.

Our Recommendations

Review Existing Patching Cadence

Review your existing patching cadence based on your interpretation of risk for your organization and systems. Consider adjusting patch windows for internet-facing, sensitive, or high-risk systems, depending on your organization’s existing security posture and risk needs.

If you’re an existing Coretek customer, and your organization requires out-of-band patching windows, please reach out to your Coretek Delivery Manager for more information.

Ensure Microsoft Systems are Patched

Ensure that all affected Microsoft systems are patched after your normally scheduled patching maintenance. If you are unsure whether all systems are properly patched, consider using a vulnerability scanner to verify that patches have been properly applied.

References and Additional Resources

If you are a Coretek customer and have any questions about our remediation actions or your support agreements with Coretek, or you are a visitor who would like more information, please use the button below to get in touch.

 
