Attackers taking a run at Client Server Runtime zero-day
This July, the number of patched threats announced by Microsoft stands at 84. This includes a Windows zero-day vulnerability which has been actively exploited, identified as CVE-2022-22047. The issue, in a key subsystem called Client Server Runtime, could allow an attacker to gain System privileges (if they already have local access).
The other key vulnerabilities to note this month include:
- CVE-2022-22029 and CVE-2022-22039 (both critical) affect services using the Windows Network File System (NFS)
- CVE-2022-30221 (critical) is a remote code execution issue in the Windows graphics component
- CVE-2022-22038 (critical) is a remote code execution issue in the Remote Procedure Call Runtime
As always, Balbix can identify all affected assets within 1 hour of release. There are no scans to run. Balbix customers simply search for the CVE name in their Balbix dashboard to view the list of affected assets. Users can also use the filtered search functionality to search for the CVE by site, subnet, location, or other distinguishing factors.