On April 12, 2022, Microsoft launched large patches with Windows updates, which included improvements for all of the .NET Framework to Windows PowerShell. Damaged, namely 101 CVS, 16 knowledge base articles, two days zero, and 26 updates to Microsoft Edge. Even Microsoft Office Excel has its own fixtures, including two remote code execution vulnerabilities – CVE-2022-24473 and CVE-2022-26901.
The two most significant exploits that have been patched in a large April update are called “Zero-Days,” which is basically previously not known the vulnerability that is possible or may not be actively targeted or exploited by poor actors (but, a hacker with intention Evil), but exposed to the public on the same day as they patch. In this case, one of the two is aimed at zero day, CVE-2022-24521, has actually been reported by the NSA because it has been exploited by bad actors who can target Windows 10 systems, especially company servers, and take control remotely. From a system that is vulnerable by increasing the privileges of access through the Microsoft Server Message Block Protocol. Fortunately, the latest update that patches the problem, so it should no longer pose a threat to Windows users.
Microsoft continues to shore up against bad actors
On the same day as the new April patch was released, Microsoft also discussed its ongoing battle with bad actors “sponsored by high priority countries”, Hafnium, who were connected to the propagation of malware Tarrask. The latter can hack into the vulnerable Windows system registry, enter the security description of the general scheduled task and delete the details to hide the location of the Tarrask itself in the system, basically exploit from Schtasks / Query and assignment schedules. It is also very difficult to remove because it basically spoof itself as part of the Windows security subsystem, or LSASS.
Of course, Microsoft is currently in this case. The detection team and response (Dart) have worked with Microsoft’s threat of the Intelligence Center (MSTIC) because the initial threat becomes clear in March 2021. On April 12, Microsoft has detailed the best actions recommended for users who want to do the roots of the Tarrask of their own system.
Until official repairs are issued, Windows users must have a relationship with the direction of the manual security offered by Microsoft. However, this is only one ongoing problem, and he falsified a large collection of other repairs entered in April 2022 renewal. Overall, updates recently discussed more than 145 problems on various Windows platforms, and it was the same as far more patches Comprehensive than the previous Microsoft 2022 Microsoft update, which only compared 94 problems with comparison.