In Microsoft’s February 2022 Patch Tuesday release, 48 CVEs were addressed, including one zero-day vulnerability that was publicly disclosed but not exploited in the wild.
Below is a comment from Satnam Narang, staff research engineer, Tenable.
“This month’s Patch Tuesday release includes fixes for 48 CVEs — none that are rated critical, including one zero-day, which was publicly disclosed but was not exploited in the wild.
“Microsoft addressed CVE-2022-21989, an elevation of privilege vulnerability in the Windows Kernel. While Microsoft rates the vulnerability as Exploitation More Likely, the complexity to exploit the vulnerability is High, because of the added legwork required to prepare the target. This type of vulnerability is often leveraged by an attacker once they’ve already compromised the target, either through the use of a separate vulnerability or malware.
“This month, Microsoft also patched four elevation of privilege vulnerabilities in its Windows Print Spooler, including two rated Exploitation More Likely. One of these two flaws, CVE-2022-21999, is credited to researchers at Sangfor, who were responsible for disclosing some of the PrintNightmare vulnerabilities last summer. Because of the ubiquity of Print Spooler, vulnerabilities like this have been leveraged by ransomware groups. Organizations should apply these patches as soon as possible.”– Satnam Narang, staff research engineer, Tenable.