Detection and Response

Patch Tuesday - March 2022

Last updated on Mar 8, 2022

Microsoft's March 2022 updates include fixes for 92 CVEs (including 21 from the Chromium project, which is used by their Edge web browser). None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and CVE-2022-21990, affecting Remote Desktop Client, both allow RCE (Remote Code Execution). CVE-2022-24459 is an LPE (local privilege escalation) vulnerability in the Windows Fax and Scan service. All three publicly disclosed vulnerabilities are rated Important – organizations should remediate at their regular patch cadence.

Three CVEs this month are rated Critical. CVE-2022-22006 and CVE-2022-24501 both affect video codecs. In most cases, these will update automatically via the Microsoft Store. However, any organizations with automatic updates disabled should be sure to push out updates. The vulnerability most likely to raise eyebrows this month is CVE-2022-23277, a Critical RCE affecting Exchange Server. Thankfully, this is a post-authentication vulnerability, meaning attackers need credentials to exploit it. Although passwords can be obtained via phishing and other means, this one shouldn’t be as rampantly exploited as the deluge of Exchange vulnerabilities we saw throughout 2021. Exchange administrators should still patch as soon as reasonably possible.

SharePoint administrators get a break this month, though on the client side, a handful of Office vulnerabilities were fixed. Three separate RCEs in Visio, Tampering and Security Feature Bypass vulnerabilities in Word, and Information Disclosure in the Skype Extension for Chrome all got patched.

CVE-2022-24508 is an RCE affecting Windows SMBv3, which has potential for widespread exploitation, assuming an attacker can put together a suitable exploit. Luckily, like this month's Exchange vulnerabilities, this too requires authentication.

Organizations using Microsoft's Azure Site Recovery service should be aware that 11 CVEs were fixed with today's updates, split between RCEs and LPEs. They are all specific to the scenario where an on-premises VMware deployment is set up to use Azure for disaster recovery.

Summary charts

[Charts: vulnerability count by severity; vulnerability count by impact; CVSSv3 base score histogram; vulnerability count by component]

Summary tables

Apps vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-23282 | Paint 3D Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24465 | Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability | No | No | 3.3 | Yes |

Azure vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-24467 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24468 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24517 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24470 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24471 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24520 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24469 | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-24506 | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-24515 | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-24518 | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-24519 | Azure Site Recovery Elevation of Privilege Vulnerability | No | No | 6.5 | Yes |

Browser vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-0809 | Chromium: CVE-2022-0809 Out of bounds memory access in WebXR | No | No | N/A | Yes |
| CVE-2022-0808 | Chromium: CVE-2022-0808 Use after free in Chrome OS Shell | No | No | N/A | Yes |
| CVE-2022-0807 | Chromium: CVE-2022-0807 Inappropriate implementation in Autofill | No | No | N/A | Yes |
| CVE-2022-0806 | Chromium: CVE-2022-0806 Data leak in Canvas | No | No | N/A | Yes |
| CVE-2022-0805 | Chromium: CVE-2022-0805 Use after free in Browser Switcher | No | No | N/A | Yes |
| CVE-2022-0804 | Chromium: CVE-2022-0804 Inappropriate implementation in Full screen mode | No | No | N/A | Yes |
| CVE-2022-0803 | Chromium: CVE-2022-0803 Inappropriate implementation in Permissions | No | No | N/A | Yes |
| CVE-2022-0802 | Chromium: CVE-2022-0802 Inappropriate implementation in Full screen mode | No | No | N/A | Yes |
| CVE-2022-0801 | Chromium: CVE-2022-0801 Inappropriate implementation in HTML parser | No | No | N/A | Yes |
| CVE-2022-0800 | Chromium: CVE-2022-0800 Heap buffer overflow in Cast UI | No | No | N/A | Yes |
| CVE-2022-0799 | Chromium: CVE-2022-0799 Insufficient policy enforcement in Installer | No | No | N/A | Yes |
| CVE-2022-0798 | Chromium: CVE-2022-0798 Use after free in MediaStream | No | No | N/A | Yes |
| CVE-2022-0797 | Chromium: CVE-2022-0797 Out of bounds memory access in Mojo | No | No | N/A | Yes |
| CVE-2022-0796 | Chromium: CVE-2022-0796 Use after free in Media | No | No | N/A | Yes |
| CVE-2022-0795 | Chromium: CVE-2022-0795 Type Confusion in Blink Layout | No | No | N/A | Yes |
| CVE-2022-0794 | Chromium: CVE-2022-0794 Use after free in WebShare | No | No | N/A | Yes |
| CVE-2022-0793 | Chromium: CVE-2022-0793 Use after free in Views | No | No | N/A | Yes |
| CVE-2022-0792 | Chromium: CVE-2022-0792 Out of bounds read in ANGLE | No | No | N/A | Yes |
| CVE-2022-0791 | Chromium: CVE-2022-0791 Use after free in Omnibox | No | No | N/A | Yes |
| CVE-2022-0790 | Chromium: CVE-2022-0790 Use after free in Cast UI | No | No | N/A | Yes |
| CVE-2022-0789 | Chromium: CVE-2022-0789 Heap buffer overflow in ANGLE | No | No | N/A | Yes |

Developer Tools vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-24526 | Visual Studio Code Spoofing Vulnerability | No | No | 6.1 | Yes |
| CVE-2020-8927 | Brotli Library Buffer Overflow Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-24512 | .NET and Visual Studio Remote Code Execution Vulnerability | No | Yes | 6.3 | Yes |
| CVE-2022-24464 | .NET and Visual Studio Denial of Service Vulnerability | No | No | 7.5 | No |

Exchange Server vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-24463 | Microsoft Exchange Server Spoofing Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-23277 | Microsoft Exchange Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |

Microsoft Office vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-24522 | Skype Extension for Chrome Information Disclosure Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-24462 | Microsoft Word Security Feature Bypass Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-24511 | Microsoft Office Word Tampering Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-24509 | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24461 | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24510 | Microsoft Office Visio Remote Code Execution Vulnerability | No | No | 7.8 | Yes |

System Center vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-23265 | Microsoft Defender for IoT Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-23266 | Microsoft Defender for IoT Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-23278 | Microsoft Defender for Endpoint Spoofing Vulnerability | No | No | 5.9 | Yes |

Windows vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-21967 | Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24525 | Windows Update Stack Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24508 | Windows SMBv3 Client/Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-23284 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.2 | No |
| CVE-2022-21975 | Windows Hyper-V Denial of Service Vulnerability | No | No | 4.7 | Yes |
| CVE-2022-23294 | Windows Event Tracing Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-23291 | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-23288 | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-23286 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24455 | Windows CD-ROM Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24507 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-23287 | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24505 | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24501 | VP9 Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24451 | VP9 Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24460 | Tablet Windows User Interface Application Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-23295 | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-23300 | Raw Image Extension Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-22010 | Media Foundation Information Disclosure Vulnerability | No | No | 4.4 | Yes |
| CVE-2022-21977 | Media Foundation Information Disclosure Vulnerability | No | No | 3.3 | Yes |
| CVE-2022-22006 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-23301 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-22007 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24452 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24453 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24456 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24457 | HEIF Image Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |

Windows ESU vulnerabilities

| CVE | Title | Exploited | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
|---|---|---|---|---|---|
| CVE-2022-24454 | Windows Security Support Provider Interface Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-23299 | Windows PDEV Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-23298 | Windows NT OS Kernel Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-23297 | Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-21973 | Windows Media Center Update Denial of Service Vulnerability | No | No | 5.5 | No |
| CVE-2022-23296 | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-23290 | Windows Inking COM Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24502 | Windows HTML Platforms Security Feature Bypass Vulnerability | No | No | 4.3 | Yes |
| CVE-2022-24459 | Windows Fax and Scan Service Elevation of Privilege Vulnerability | No | Yes | 7.8 | No |
| CVE-2022-23293 | Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-23281 | Windows Common Log File System Driver Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-23283 | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24503 | Remote Desktop Protocol Client Information Disclosure Vulnerability | No | No | 5.4 | Yes |
| CVE-2022-21990 | Remote Desktop Client Remote Code Execution Vulnerability | No | Yes | 8.8 | Yes |
| CVE-2022-23285 | Remote Desktop Client Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-23253 | Point-to-Point Tunneling Protocol Denial of Service Vulnerability | No | No | 6.5 | No |
