Microsoft has patched a vulnerability in Http.sys, a component of Windows and Windows Server. Exchange Server has also been patched for three vulnerabilities that allowed remote code execution, and Acrobat and Reader have been updated to resolve 26 bugs.
Following the January 2022 patch updates for Windows PCs, several users have experienced problems connecting to VPNs. While the matter is being investigated, Microsoft has acknowledged a new defect that prevents the built-in Windows client from connecting to an encrypted virtual private network (VPN).
A problem with IPSEC connections has been identified in Microsoft's latest cumulative patches for Windows 10 (KB5009543) and Windows 11 (KB5009566). Following the installation of KB5009543, IP Security (IPSEC) connections with a Vendor ID may fail. L2TP and IPSEC IKE connections might be impacted, according to the company's announcement.
This month's patches fix a wormable flaw in Windows and a bug in Exchange.
In this month's updates, Microsoft has fixed six zero-day vulnerabilities; however, none of them is currently being misused. The remote code execution weaknesses CVE-2021-36976 and CVE-2022-21874 are among the zero-day vulnerabilities.
Worse than the aforementioned zero-days is a vulnerability in Http.sys, CVE-2022-21907, which allows remote code execution through crafted HTTP network packets. It needs no interaction from the user and no privileged access. Your servers should be checked first, followed by your clients. By default, the HTTP Trailer Support feature, which contains the vulnerability, is not activated in Windows Server 2019 and Windows 10 version 1809.
Devices are at risk whenever the following registry value is present:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\
"EnableTrailerSupport"=dword:00000001
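An added example, not from the original article or from Microsoft: a PowerShell function that reads the EnableTrailerSupport value shown above on the local machine or on remote hosts over PowerShell remoting. The function name, its output fields and the host names in the comment are assumptions for illustration; it reports the setting only and does not check whether the patch is installed.

```powershell
# Added example: report the HTTP Trailer Support setting per host.
# Function name and output shape are hypothetical, chosen for this illustration.
function Get-HttpTrailerSupportState {
    [CmdletBinding()]
    param(
        # Hosts to check; defaults to the local machine.
        [string[]]$ComputerName = @($env:COMPUTERNAME)
    )

    # Runs on each target: read the registry value named in the article.
    $probe = {
        $path = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
        $item = Get-ItemProperty -Path $path -Name 'EnableTrailerSupport' -ErrorAction SilentlyContinue
        if ($null -eq $item) { return $null }   # key or value is absent
        return [int]$item.EnableTrailerSupport
    }

    foreach ($name in $ComputerName) {
        $result = [ordered]@{ ComputerName = $name; EnableTrailerSupport = $null; State = 'Unknown' }
        try {
            if ($name -in @($env:COMPUTERNAME, 'localhost', '.')) {
                $value = & $probe
            } else {
                # Requires PowerShell remoting (WinRM) to be enabled on the target.
                $value = Invoke-Command -ComputerName $name -ScriptBlock $probe -ErrorAction Stop
            }
            $result.EnableTrailerSupport = $value
            $result.State = if ($null -eq $value) { 'ValueAbsent' } elseif ($value -eq 1) { 'Enabled' } else { 'Disabled' }
        } catch {
            # Unreachable host, access denied, and similar: record it instead of guessing.
            $result.State = "CheckFailed: $($_.Exception.Message)"
        }
        [pscustomobject]$result
    }
}

# Local check; for remote hosts use e.g. -ComputerName srv01,srv02 (hypothetical names).
Get-HttpTrailerSupportState | Format-Table -AutoSize
```

Hosts reported as Enabled match the registry condition described above and are the ones to patch first.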
Under some circumstances, the bug identified as CVE-2022-21857 might allow hackers to gain administrative privileges on a computer in an Active Directory system. A hacker would need to log in to Active Directory before proceeding. Microsoft has rated the problem Critical.
Following the publication of the Exchange Server Y2K22 vulnerability earlier this month, Microsoft has also issued fixes for three RCE flaws, including CVE-2022-21846. Insider network access is required in order to take advantage of any of them.
Meanwhile, Microsoft Office is vulnerable to CVE-2022-21840, a serious RCE problem that affects several versions. No patch is currently available for Office 2019 for macOS and Microsoft LTSC 2021. Hackers may trick a user into opening a harmful file by sending it to them via email or a rogue site.
Adobe patches
In January, Adobe published five fixes that addressed 41 CVEs. InDesign, Illustrator, InCopy, and Acrobat are all affected by the flaws. Unsurprisingly, the Adobe Reader patch resolves a total of 26 issues, including RCE that a hacker might abuse if the user opened a specially prepared PDF document. As of this writing there have been zero reported incidents of Adobe Flash Player hacks; however, this could easily change when new information becomes available.
About patching
Before installing this month's fixes broadly on production systems, organizations should thoroughly test them. Since cybercriminals are already working on exploiting freshly discovered flaws, updates should not be put off any longer than necessary.
Before installing updates, it is best practice to back up your computers. Every month, consumers encounter problems with updates and patches that result in computers failing to boot, incompatibilities between software and hardware, or, in the most extreme circumstances, even loss of data.
If an issue arises as a result of a patch, backups can be restored from inside Windows and Windows Server. The built-in backup tools can recover individual files and documents or the complete Windows system.