The official site for Saudi CERT
Microsoft Alert
3328
Warning Date
Severity Level
Warning Number
Target Sector
9 March, 2022
● Critical
2022-4488
All
Microsoft has released security updates to address several vulnerabilities in the following products:
- .NET and Visual Studio
- Azure Site Recovery
- Microsoft Defender for Endpoint
- Microsoft Defender for IoT
- Microsoft Edge (Chromium-based)
- Microsoft Exchange Server
- Microsoft Intune
- Microsoft Office Visio
- Microsoft Office Word
- Microsoft Windows ALPC
- Microsoft Windows Codecs Library
- Paint 3D
- Role: Windows Hyper-V
- Skype Extension for Chrome
- Tablet Windows User Interface
- Visual Studio Code
- Windows Ancillary Function Driver for WinSock
- Windows CD-ROM Driver
- Windows Cloud Files Mini Filter Driver
- Windows COM
- Windows Common Log File System Driver
- Windows DWM Core Library
- Windows Event Tracing
- Windows Fastfat Driver
- Windows Fax and Scan Service
- Windows HTML Platform
- Windows Installer
- Windows Kernel
- Windows Media
- Windows PDEV
- Windows Point-to-Point Tunneling Protocol
- Windows Print Spooler Components
- Windows Remote Desktop
- Windows Security Support Provider Interface
- Windows SMB Server
- Windows Update Stack
- XBox
An attacker could exploit these vulnerabilities by doing the following:
- Denial of service attack (DoS)
- Security feature bypass
- Disclosure of information
- Privilege escalation
- Remote code execution
The CERT team encourages users to review Microsoft security advisory and apply the necessary updates:
Update instructions:
Rate the content
Share the page
