Security News

Microsoft Security Bulletin Coverage for February 2022

By

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of February 2022. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2022-21989 Windows Kernel Elevation of Privilege Vulnerability
IPS 2457:Windows Kernel Elevation of Privilege Vulnerability (CVE-2022-21989)

CVE-2022-21994 Windows DWM Core Library Elevation of Privilege Vulnerability
ASPY 293:Malformed-File exe.MP_234

CVE-2022-21996 Win32k Elevation of Privilege Vulnerability
ASPY 294:Malformed-File exe.MP_235

CVE-2022-22000 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 295:Malformed-File exe.MP_236

CVE-2022-22715 Named Pipe File System Elevation of Privilege Vulnerability
ASPY 296:Malformed-File exe.MP_237

CVE-2022-22718 Windows Print Spooler Elevation of Privilege Vulnerability
ASPY 297:Malformed-File exe.MP_238

The following vulnerabilities do not have exploits in the wild :
CVE-2022-21844 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21926 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21927 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21957 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21965 Microsoft Teams Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-21968 Microsoft SharePoint Server Security Feature BypassVulnerability
There are no known exploits in the wild.
CVE-2022-21971 Windows Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21974 Roaming Security Rights Management Services Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21981 Windows Common Log File System Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-21984 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21985 Windows Remote Access Connection Manager Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-21986 .NET Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-21987 Microsoft SharePoint Server Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-21988 Microsoft Office Visio Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21991 Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21992 Windows Mobile Device Management Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21993 Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-21995 Windows Hyper-V Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-21997 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-21998 Windows Common Log File System Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-21999 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22001 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22002 Windows User Account Profile Picture Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-22003 Microsoft Office Graphics Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22004 Microsoft Office ClickToRun Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22005 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22709 VP9 Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22710 Windows Common Log File System Driver Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-22712 Windows Hyper-V Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-22716 Microsoft Excel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22717 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23252 Microsoft Office Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-23254 Microsoft Power BI Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23255 Microsoft OneDrive for Android Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-23256 Azure Data Explorer Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-23261 Microsoft Edge (Chromium-based) Tampering Vulnerability
There are no known exploits in the wild.
CVE-2022-23262 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23263 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23269 Microsoft Dynamics GP Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-23271 Microsoft Dynamics GP Elevation Of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23272 Microsoft Dynamics GP Elevation Of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23273 Microsoft Dynamics GP Elevation Of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23274 Microsoft Dynamics GP Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-23276 SQL Server for Linux Containers Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-23280 Microsoft Outlook for Mac Security Feature Bypass Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
The Not Petya Ransomware Spreading Worldwide
Microsoft Security Bulletin Coverage for October 2021
Apple QuickTime M-JPEG Heap Buffer Overflow (July 5, 2013)
Emotet seen distributing bloated files to evade detection
Trojan uses Google Docs to cloak its communication with servers (November 21, 2012)
ServHelper 2.0: Enriched with bot capabilities and allow remote desktop access
Ferrlock Ransomware actively spreading in the wild
Pink Floyd worm in 'Chinese Facebook' (Aug 25, 2009)