Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Detect When Your Domain is Phished: Top 10 Ways Attackers Mangle Your Domain Name

Webinar Library

Latest Blogs

Recent Security Features in Active Directory You Probably Aren't Using

Active Directory security features you probably aren’t using and more in my sessions at The Experts Conference 2019

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Top Resources

Security Log

Additional Resources

January, 2022: Patch Tuesday: 6 Public Vulnerabilities, 1 Being Exploited

Welcome to my January Patch Tuesday newsletter. Starting 2022 we have 6 vulnerabilities that are public. Of the six, CVE-2021-44228 is not only public but is also being exploited. You may be more familiar with it's newsworthy name, Log4j. This flaw allows a remote code execution that is allowing hackers to attack vulnerable applications. According to Microsoft, they have "not identified any exploitation of our enterprise services as a result of the Log4j vulnerability at this time." Despite this, Microsoft has published a blog on preventing, detecting and hunting for Log4j on your systems. So we recommend you definitely test and install this months updates ASAP. It's important to get this month's patches in place as well because there are 18 either released or updated CVE's that Microsoft's "Exploitability Assessment" is set to "Exploitation More Likely". Happy updating!

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 7, 8.1, RT 8.1, 10, 11 Server 2008, 2008R2, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations HEVC Video Extensions Remote Desktop Client	Critical	CVE-2021-22947 CVE-2021-36976* CVE-2022-21833 CVE-2022-21834 CVE-2022-21835 CVE-2022-21836* CVE-2022-21838 CVE-2022-21839* CVE-2022-21843 CVE-2022-21847 CVE-2022-21848 CVE-2022-21849 CVE-2022-21850 CVE-2022-21851 CVE-2022-21852 CVE-2022-21857 CVE-2022-21858 CVE-2022-21859 CVE-2022-21860 CVE-2022-21861 CVE-2022-21862 CVE-2022-21863 CVE-2022-21864 CVE-2022-21865 CVE-2022-21866 CVE-2022-21867 CVE-2022-21868 CVE-2022-21869 CVE-2022-21870 CVE-2022-21871 CVE-2022-21872 CVE-2022-21873 CVE-2022-21874* CVE-2022-21875 CVE-2022-21876 CVE-2022-21877 CVE-2022-21878 CVE-2022-21879 CVE-2022-21880 CVE-2022-21881 CVE-2022-21882 CVE-2022-21883 CVE-2022-21884 CVE-2022-21885 CVE-2022-21887 CVE-2022-21888 CVE-2022-21889 CVE-2022-21890 CVE-2022-21892 CVE-2022-21893 CVE-2022-21894 CVE-2022-21895 CVE-2022-21896 CVE-2022-21897 CVE-2022-21898 CVE-2022-21899 CVE-2022-21900 CVE-2022-21901 CVE-2022-21902 CVE-2022-21903 CVE-2022-21904 CVE-2022-21905 CVE-2022-21906 CVE-2022-21907 CVE-2022-21908 CVE-2022-21910 CVE-2022-21912 CVE-2022-21913 CVE-2022-21914 CVE-2022-21915 CVE-2022-21916 CVE-2022-21917 CVE-2022-21918 CVE-2022-21919* CVE-2022-21920 CVE-2022-21921 CVE-2022-21922 CVE-2022-21924 CVE-2022-21925 CVE-2022-21928 CVE-2022-21958 CVE-2022-21959 CVE-2022-21960 CVE-2022-21961 CVE-2022-21962 CVE-2022-21963 CVE-2022-21964	Workaround: No Exploited: No Public: Yes*	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
Edge	Chromium-based	Important	CVE-2022-0096 CVE-2022-0097 CVE-2022-0098 CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102 CVE-2022-0103 CVE-2022-0104 CVE-2022-0105 CVE-2022-0106 CVE-2022-0107 CVE-2022-0108 CVE-2022-0109 CVE-2022-0110 CVE-2022-0111 CVE-2022-0112 CVE-2022-0113 CVE-2022-0114 CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118 CVE-2022-0120 CVE-2022-21929 CVE-2022-21930 CVE-2022-21931 CVE-2022-21954 CVE-2022-21970	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution
.NET Framework	2.0SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8	Important	CVE-2022-21911	Workaround: No Exploited: No Public: No	Denial of Service
Azure	DevOps, DevOps Server, Team Foundation Server	Critical	CVE-2021-44228*	Workaround: No Exploited: Yes Public: Yes*	Remote Code Execution
Office	365 Apps for Enterprise Excel 2013 RT SP1, 2013 SP1, 2016 Word 2016 Office 2013 RT SP1, 2013 SP1, 2016, 2019, 2019 for Mac, Online Server, Web Apps Server 2013 SP1 SharePoint Enterprise 2013 SP1, 2016, Server 2019, Foundation 2013 SP1, Subscription Edition, Server Subscription Edition Language Pack LTSC 2021, LTSC for Mac 2021	Critical	CVE-2022-21837 CVE-2022-21840 CVE-2022-21841 CVE-2022-21842	Workaround: No Exploited: No Public: No	Remote Code Execution
Azure	Insights Java SDK Data Lake Store Java Tool, Client SDK Spring Cloud VMware Solution Databricks Arc-enabled Data Services Minecraft Java Edition Events Hub Extension Cosmos DB Kafka Connector	Critical	CVE-2021-44228*	Workaround: No Exploited: Yes Public: Yes*	Remote Code Execution
Exchange Server	2013 CU23 2016 CU21 & CU22 2019 CU10 & CU11	Critical	CVE-2022-21846 CVE-2022-21855	Workaround: No Exploited: No Public: No	Remote Code Execution
System Center	Defender for IoT	Critical	CVE-2021-44228*	Workaround: No Exploited: Yes Public: Yes*	Remote Code Execution
SQL Server	2019 Big Data Clusters	Critical	CVE-2021-44228*	Workaround: No Exploited: Yes Public: Yes*	Remote Code Execution
Dynamics 365 Customer Engagement	9.0, 9.1	Important	CVE-2022-21932	Workaround: No Exploited: No Public: No	Spoofing

Send me this chart next Patch Tuesday.

Home

User name:
Password:
	/ Forgot?
	Register

January 2022 Patch Monday	"Patch Tuesday: 6 Public Vulnerabilities, 1 Being Exploited " - sponsored by Supercharger

Follow @randyfsmith

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2022 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.