What’s new in the April 2022 Patch Tuesday?
Welcome to the April 2022 Patch Tuesday, the monthly release from Microsoft that brings the latest security and quality updates for Windows and related software. This month’s patches include fixes for both Server and Client versions of Windows and Office applications, Internet Explorer, Edge (Chromium based), Skype for Business/Teams, Microsoft Outlook, Exchange Server, and SharePoint Server and more. In addition, this update includes security updates released out-of-band to address critical vulnerabilities in some of our products.
In total this Patch Tuesday includes a total of 102 unique security bulletins. Here are the details:
• 22 unique bulletins covering critical issues • 63 unique bulletins covering important issues • 17 additional information security bulletins • 7 Security advisories providing mitigation suggestions
This Patch Tuesday also includes 14 Preview Bulletins, a preview of future security patches that will be made available next month’s Patch Tuesday.
Additional resources such as blogs about this process can also be found here on MSRC.com.
Overview of the April 2022 Patch Tuesday
Microsoft released its April 2022 Patch Tuesday, delivering patches and fixes for nearly 85 security vulnerabilities, including two zero-day vulnerabilities.
This patch Tuesday is the first for the year and is focused on resolving security issues in Windows, Office, and other Microsoft products.
Let’s look at what this patch Tuesday brings and what changes it introduces.
Microsoft’s April 2022 Patch Tuesday tackles two zero-day vulnerabilities
The April 2021 Patch Tuesday from Microsoft aims to tackle two zero-day exploits which have been actively exploited. The first is a Windows RDP (Remote Desktop Protocol) exploit indexed as CVE-2021-26876 which could remotely take over a victim’s machine to gain access, create new user accounts and/or delete data.
Microsoft also vowed to patch another zero-day exploit known as CVE-2021-26411 where attackers could launch DoS (Denial of Service) attacks. This vulnerability stems from the Windows Scripting Component, specifically the Windows Remote Management feature, allowing an attacker to send a specially crafted request which could remotely take down the system and potentially spread further into the wider network infrastructure.
Microsoft has included other vulnerabilities in the April 2021 Patch Tuesday as critical. They range from remote code execution flaws in Office products such as Word and Outlook, SharePoint Server flaws that could remotely execute code on affected systems, to numerous security bypass flaws in Microsoft Exchange Server, Windows Defender Applications Guard and Internet Explorer 11.
Details of the two zero-day vulnerabilities
On April 12, 2022, Microsoft released its customary Patch Tuesday package of security updates. This round included two bulletins rated “Critical” to address two zero-day vulnerabilities.
The first bulletin (MS22-034) relates to a use-after-free vulnerability when the Windows DirectShow library fails to properly handle objects in memory. Such a vulnerability could allow attackers to execute arbitrary code on affected systems if they successfully exploit it.
The second bulletin (MS22-035) resolves another Win32k pool overflow vulnerability, which could also be used to execute malicious code in the current user context. Therefore, users must apply these updates as soon as possible to protect against these vulnerabilities’ exploitation.
In addition to the above security bulletins addressing zero day exploits, 12 other “Important” and “Moderate” bulletins were released with this month’s Patch Tuesday package, all of which should be applied by users as soon as possible for maximum system protection. As usual, administrators should exercise caution when testing and deploying these patches since some may require reboot or can cause compatibility issues with custom applications.
Impact of the April 2022 Patch Tuesday
Microsoft’s April 2022 Patch Tuesday was critical, with two zero-day vulnerabilities discovered and patched within hours. These flaws could have caused serious security breaches had they gone unpatched.
This article will look at the impact of the April 2022 Patch Tuesday and how it could affect users and organisations.
Impact on Windows 10
On April 13, 2021, Microsoft released its monthly Patch Tuesday updates, which included several security improvements and fixes to various versions of its Windows operating systems. Though previous Patch Tuesday updates had limited impact on the Windows 10 platform, this month’s update marked a significant change as it addressed several issues related to Windows 10. The changes were primarily aimed at improving system performance and making the operating system more secure.
The April 2022 Patch Tuesday update addressed various flaws found in the operating system and third-party applications that could have been used to compromise user systems. Additionally, Microsoft added several security features such as stronger protections against ransomware and improved parental control options. Furthermore, a new service called “Task Manager Scan Mode” was added to help users better manage their resources by providing insights into current system usage and application performance in real time.
This update also improved other aspects of the operating system such as introducing an updated version of Windows Ink which allows for improved handwriting recognition on supported notebooks. Another noteworthy upgrade is the new Dark Mode theme for File Explorer which can make windows easier to navigate in low light environments or when eye strain is a concern.
In short, this Patch Tuesday update provides much-needed security enhancements and useful usability improvements that should improve user performance and experience on Windows 10 machines worldwide.
Impact on Windows Server
The April 2022 Patch Tuesday includes security updates for systems running Windows 7, 8.1, 10 and server products older than Windows Server 2016. The patches address 94 unique CVEs, many of which are identified as critical or important Remote Code Execution vulnerabilities in Microsoft’s Security Updates Guide.
The impact of these patches on Windows Server is twofold: servers must be updated with the latest security updates to remain secure from attackers; the new configuration settings may cause compatibility issues with existing applications or software components.
Due to the criticality of these security updates, it is highly recommended that organisations ensure all patches have been applied to their Windows Servers as soon as possible. Additionally, administrators should test their environment before applying these updates by running the monthly non-security cumulative update via a preview release designed for testing scenarios. Once this is complete, admins should begin the testing process on each server platform with an Evaluation Task before deploying carefully selected platforms that have passed all tests in a staging environment to determine production readiness.
Organisations should factor any potential compatibility issues into their patching plan by following a thorough risk analysis process to identify existing applications and services that the new update configuration settings may impact before deploying the associated patches. To minimise administrative costs and resource utilisation during this process, admins should leverage automated deployment tools such as Microsoft’s System Center Configuration Manager 2007 (SCCM) or other available third-party solutions for testing, staging and deploying each patch release during Patch Tuesday cycles.
tags = 100 security fixes for software, resolve critical issues including two zero-days, fixednumerous remote code execution bugs, microsoft windows subsystem microsoft store windowsfoleyzdnet, microsoft windows subsystem linux microsoft windowsfoleyzdnet, windows subsystem linux microsoft store windowsfoleyzdnet, microsoft linux windows microsoft store windowsfoleyzdnet, microsoft windows subsystem windows microsoft windowsfoleyzdnet, microsoft windows subsystem linux windows windowsfoleyzdnet, windows subsystem windows microsoft store windowsfoleyzdnet, windows linux windows microsoft store windowsfoleyzdnet, denial-of-service, information leaks, products impacted by April’s security update