Patch Analysis for January 2022
Welcome to my January Patch Tuesday newsletter. To start 2022, we have 6 vulnerabilities that are public. Of the six, CVE-2021-44228 is not only public but is also being exploited. You may be more familiar with its newsworthy name, Log4j. This flaw allows remote code execution, which hackers are using to attack vulnerable applications. According to Microsoft, they have "not identified any exploitation of our enterprise services as a result of the Log4j vulnerability at this time." Despite this, Microsoft has published a blog on preventing, detecting and hunting for Log4j on your systems. So we recommend you definitely test and install this month's updates ASAP. It's also important to get this month's patches in place because there are 18 newly released or updated CVEs for which Microsoft's "Exploitability Assessment" is set to "Exploitation More Likely". Happy updating!
Patch data provided by:
| Technology | Products Affected | Severity | Reference | Workaround / Exploited / Publicly Disclosed | Vulnerability Info |
|---|---|---|---|---|---|
| Windows | Windows 7, 8.1, RT 8.1, 10, 11; Server 2008, 2008R2, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations; HEVC Video Extensions; Remote Desktop Client | Critical | CVE-2021-22947, CVE-2021-36976*, CVE-2022-21833, CVE-2022-21834, CVE-2022-21835, CVE-2022-21836*, CVE-2022-21838, CVE-2022-21839*, CVE-2022-21843, CVE-2022-21847, CVE-2022-21848, CVE-2022-21849, CVE-2022-21850, CVE-2022-21851, CVE-2022-21852, CVE-2022-21857, CVE-2022-21858, CVE-2022-21859, CVE-2022-21860, CVE-2022-21861, CVE-2022-21862, CVE-2022-21863, CVE-2022-21864, CVE-2022-21865, CVE-2022-21866, CVE-2022-21867, CVE-2022-21868, CVE-2022-21869, CVE-2022-21870, CVE-2022-21871, CVE-2022-21872, CVE-2022-21873, CVE-2022-21874*, CVE-2022-21875, CVE-2022-21876, CVE-2022-21877, CVE-2022-21878, CVE-2022-21879, CVE-2022-21880, CVE-2022-21881, CVE-2022-21882, CVE-2022-21883, CVE-2022-21884, CVE-2022-21885, CVE-2022-21887, CVE-2022-21888, CVE-2022-21889, CVE-2022-21890, CVE-2022-21892, CVE-2022-21893, CVE-2022-21894, CVE-2022-21895, CVE-2022-21896, CVE-2022-21897, CVE-2022-21898, CVE-2022-21899, CVE-2022-21900, CVE-2022-21901, CVE-2022-21902, CVE-2022-21903, CVE-2022-21904, CVE-2022-21905, CVE-2022-21906, CVE-2022-21907, CVE-2022-21908, CVE-2022-21910, CVE-2022-21912, CVE-2022-21913, CVE-2022-21914, CVE-2022-21915, CVE-2022-21916, CVE-2022-21917, CVE-2022-21918, CVE-2022-21919*, CVE-2022-21920, CVE-2022-21921, CVE-2022-21922, CVE-2022-21924, CVE-2022-21925, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963, CVE-2022-21964 | Workaround: No; Exploited: No; Public: Yes* | Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Spoofing |
| Edge | Chromium-based | Important | CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE-2022-0099, CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103, CVE-2022-0104, CVE-2022-0105, CVE-2022-0106, CVE-2022-0107, CVE-2022-0108, CVE-2022-0109, CVE-2022-0110, CVE-2022-0111, CVE-2022-0112, CVE-2022-0113, CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117, CVE-2022-0118, CVE-2022-0120, CVE-2022-21929, CVE-2022-21930, CVE-2022-21931, CVE-2022-21954, CVE-2022-21970 | Workaround: No; Exploited: No; Public: No | Elevation of Privilege, Remote Code Execution |
| .NET Framework | 2.0SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 | Important | CVE-2022-21911 | Workaround: No; Exploited: No; Public: No | Denial of Service |
| Azure | DevOps, DevOps Server, Team Foundation Server | Critical | CVE-2021-44228* | Workaround: No; Exploited: Yes; Public: Yes* | Remote Code Execution |
| Office | 365 Apps for Enterprise; Excel 2013 RT SP1, 2013 SP1, 2016; Word 2016; Office 2013 RT SP1, 2013 SP1, 2016, 2019, 2019 for Mac, Online Server, Web Apps Server 2013 SP1; SharePoint Enterprise 2013 SP1, 2016, Server 2019, Foundation 2013 SP1, Subscription Edition, Server Subscription Edition Language Pack; LTSC 2021, LTSC for Mac 2021 | Critical | CVE-2022-21837, CVE-2022-21840, CVE-2022-21841, CVE-2022-21842 | Workaround: No; Exploited: No; Public: No | Remote Code Execution |
| Azure | Insights Java SDK; Data Lake Store Java Tool, Client SDK; Spring Cloud; VMware Solution; Databricks; Arc-enabled Data Services; Minecraft Java Edition; Events Hub Extension; Cosmos DB Kafka Connector | Critical | CVE-2021-44228* | Workaround: No; Exploited: Yes; Public: Yes* | Remote Code Execution |
| Exchange Server | 2013 CU23; 2016 CU21 & CU22; 2019 CU10 & CU11 | Critical | CVE-2022-21846, CVE-2022-21855 | Workaround: No; Exploited: No; Public: No | Remote Code Execution |
| System Center | Defender for IoT | Critical | CVE-2021-44228* | Workaround: No; Exploited: Yes; Public: Yes* | Remote Code Execution |
| SQL Server | 2019 Big Data Clusters | Critical | CVE-2021-44228* | Workaround: No; Exploited: Yes; Public: Yes* | Remote Code Execution |
| Dynamics 365 Customer Engagement | 9.0, 9.1 | Important | CVE-2022-21932 | Workaround: No; Exploited: No; Public: No | Spoofing |