NSA to Microsoft: Fix Your Zero-Day

While Microsoft released 128 patches yesterday, there are a couple that stand out.

CVE-2022-24521 is a vulnerability in the Windows Common Log File System Driver. The bug is a privilege escalation bug, so it would need to be combined with another vulnerability, but that doesn’t seem that hard. Oh yeah, it was reported to Microsoft by the NSA. The NSA has something called the Vulnerabilities Equities Process. If the process is working right, the NSA is supposed to weigh the harm of not telling the vendor vs. the benefit of using the bug themselves. In this case they told the vendor. Microsoft says it is being exploited in the wild. Does that mean that the NSA has seen this bug being used by, say, China or Russia? They will never admit it, but something like that is likely.

In addition to that bug fix, there are 10 more rated critical. Microsoft also fixed 18 flaws in Microsoft DNS and 17 remote code execution bugs. There are also 15 fixes for the print spooler.

Oh, yeah, THREE of the 10 criticals are WORMABLE, meaning they can spread without the user having to do anything.

Happy Patch Tuesday.

Credit: Help Net Security, The Hacker News and Threatpost