Microsoft specialists eliminated 71 vulnerabilities as part of Tuesday’s fixes for March 2022, including three critical ones. Remote Code Execution (RCE) vulnerabilities accounted for 40.8% of the total number of issues fixed this month, followed by privilege escalation vulnerabilities (35.2%).
CVE-2022-23277 — critical RCE vulnerability in Microsoft Exchange Server. An authorized user can take advantage of the vulnerability to execute arbitrary code on a vulnerable server. Since vulnerabilities in Exchange are actively exploited by hackers, organizations should give priority attention to fixing this problem.
CVE-2022-23285 and CVE-2022-21990 — RCE vulnerabilities in the remote desktop client. Both vulnerabilities were rated 8.8 points on the CVSSv3 scale. To exploit vulnerabilities, an attacker needs to trick a user into connecting to a malicious server. Successful operation will allow the criminal to remotely execute code on the system, install malware, change or delete data, as well as create a new account with full privileges.
CVE-2022-24508 — RCE is a vulnerability in the Microsoft Server Message Block 3.0 (SMBv3) client and server. The vulnerability was discovered in Windows 10 (version 2004), so it only affects newer supported versions of Windows. Although an attacker must authenticate to exploit this vulnerability, Microsoft strongly recommends fixing or applying the proposed measures to prevent exploitation as soon as possible.
CVE-2022-24459 — privilege escalation vulnerability affecting the Fax and Scan service in Windows. The vulnerability received a score of 7.8 points on the CVSSv3 scale and can be used by a locally authorized attacker.
CVE-2022-24512 — RCE-vulnerability affecting Microsoft.NET and Visual Studio. According to Microsoft, exploiting the vulnerability requires user interaction to activate the payload in the vulnerable application. An attacker can most likely force the user to perform the necessary actions using social engineering. To successfully compromise the system, a hacker will also need to use this problem along with other vulnerabilities.