Microsoft has released patches in this month’s patch Tuesday for 97 different vulnerabilities. Nine of these vulnerabilities are rated as critical. None of the vulnerabilities were known to be exploited currently, but six of them were previously publicly disclosed. These include CVE-2022-21839, a denial-of-service vulnerability in the Windows event tracing discretionary access control list, an elevation of privilege flaw in Windows user profile service (CVE-2022-21919), and a Windows certificates spoofing vulnerability (CVE-2022-21836). The remaining three publicly disclosed flaws are remote code execution bugs in Windows Security Center API (CVE-2022-21874), libarchive (CVE-2021-36976) and open-source curl (CVE-2021-22947).
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased