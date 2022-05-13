This Tuesday’s Windows update (10) fixes no less than 75 security holes: with three publicly known zero-day vulnerabilities, and another eight considered highly critical by experts. They involve the possibility of executing code remotely to install malware, carry out attacks, or to increase user privileges on the system.

In case the numbers alone are not enough to motivate the installation of the update, Microsoft also informs that at least one of the zero-day security holes is already actively exploited by cybercriminals. CVE-2022-26925 is a flaw in the LSARPC interface, aimed at usage policies on remote machines, and would allow access by users not properly authenticated, opening the door for further exploits from changes in privileges.

The other two previously unknown vulnerabilities, so-called zero-day, have also had their technical details disclosed, making them susceptible to exploitation by crooks who bet on the delay in updating, mainly by corporate users. One of them also allows remote code execution on Azure systems, while the other opens up the possibility of denial of service scams in the Hyper-V virtualization system.

According to the report released by Microsoft, in total, there are 21 holes that allow privilege escalation, 26 of remote code execution and 17 that release protected information. Another six enable denial-of-service attacks while four involve authentication systems; the Edge browser got through unharmed this time, with no vulnerabilities fixed in the Windows update.

In light of all this, Microsoft recommends updating operating systems as soon as possible for end users and, especially, corporate users. The traditional Patch Tuesdays, or update Tuesdays, usually bring large volumes of corrections of this type and act directly on vulnerabilities, as a way of delivering a large package of measures at once and facilitating the work of system administrators and multiple devices.

The update is now available to all users of the operating system and is free. Signs of compromise and mitigation indications for ongoing attacks were also released by the company, for cases where the scams are already underway.

Source: Microsoft