{"id":87985,"date":"2022-01-18T17:06:31","date_gmt":"2022-01-18T06:06:31","guid":{"rendered":"https:\/\/itt.com.au\/?p=87985"},"modified":"2022-01-18T17:06:31","modified_gmt":"2022-01-18T06:06:31","slug":"this-is-the-first-patch-of-2022-a-windows-vulnerability-and-a-critical-bug-in-the-exchange-server-have-been-fixed","status":"publish","type":"post","link":"https:\/\/itt.com.au\/this-is-the-first-patch-of-2022-a-windows-vulnerability-and-a-critical-bug-in-the-exchange-server-have-been-fixed\/","title":{"rendered":"This is the first Patch of 2022, a Windows vulnerability and a critical bug in the Exchange Server have been fixed."},"content":{"rendered":"\n
Http.sys, a vulnerability in Windows & Windows Server, has been patched by Microsoft. Exchange Server has also been patched for three vulnerabilities that allowed remote code execution. Acrobat and Reader have been updated to resolve 26 bugs too.\u00a0<\/p>\n\n\n\n
As a result of January 2022 Patch upgrades for Windows PCs, several users have experienced problems connecting to VPNs. As a temporary fix, while the matter is being investigated, Microsoft has recognized a new defect that prevents the designed Windows client from accessing an encrypted virtual private network (VPN).<\/p>\n\n\n\n
A vulnerability with IPSEC connections has been discovered in Microsoft’s latest cumulative patches for the operating systems Windows 10 (KB5009543<\/a>) & Windows 11 (KB5009566<\/a>). Following the installation of KB5009543, IP Security (IPSEC) connections with a Vendor ID may fail. L2TP Protocol\u00a0and IPSEC IKE might be impacted, according to the company’s announcement.<\/p>\n\n\n\n Microsoft’s wormable flaw in Windows and a bug in Exchange have been fixed with this Patch.<\/p>\n\n\n\n In this month’s\u00a0updates, Microsoft has fixed six zero-day vulnerabilities, however, none of them has been currently being misused. A remote code execution\u00a0weakness, CVE-2021-36976<\/a> & CVE-2022-21874<\/a>, are among the zero-day vulnerabilities.\u00a0<\/p>\n\n\n\n Worse than the aforementioned issues,\u00a0zero-days is a vulnerability in Http.sys, CVE-2022-21907<\/a>, which allows remote code execution through crafted HTTP network packets. It doesn’t need any interaction from the user or any privileged access. Your servers should be checked first, followed by your clients. By default, the HTTP Trailer Support feature, which contains the vulnerability, is not activated in Windows Server 2019 & Windows 10 version 1809.<\/p>\n\n\n\n Whenever following registry key is present, devices are at risk:<\/p>\n\n\n\n HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\HTTP\\Parameters\\<\/p>\n\n\n\n “EnableTrailerSupport”=dword:00000001<\/p>\n\n\n\n Under some circumstances, the bug identified as CVE-2022-21857<\/a> might allow hackers to gain administrative privileges on a computer in an Active Directory system. A hacker would need log in to Active Directory before he or she could proceed. The problem has been graded Critical by Microsoft.<\/p>\n\n\n\n Microsoft has issued fixes for three RCE flaws as well, including (CVE-2022-21846<\/a>), after the publication of the Exchange Server Y2K22 vulnerability earlier this month. Insider network access is required in order to take advantage of any threat.<\/p>\n\n\n\n