Microsoft's April Patch Tuesday Addresses 117 CVEs

On April 12, Microsoft released its monthly security update which addressed 117 CVEs. Nine of the CVEs were rated critical, while 108 were rated important. This update addressed two publicly disclosed zero-days, one of which has been exploited in the wild. 

Microsoft patched CVE-2022-24521, an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) driver for Microsoft Windows. According to Microsoft, this flaw has been exploited in the wild as a zero-day, though we do not have any additional details about its exploitation. We do know that it was reported to Microsoft by the National Security Agency along with researchers at CrowdStrike. Organizations should ensure they apply the available patches as soon as possible.

This month’s update includes patches for:

• .NET Framework
• Active Directory Domain Services
• Azure SDK
• Azure Site Recovery
• LDAP - Lightweight Directory Access Protocol
• Microsoft Bluetooth Driver
• Microsoft Dynamics
• Microsoft Edge (Chromium-based)
• Microsoft Graphics Component
• Microsoft Local Security Authority Server (lsasrv)
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Windows ALPC
• Microsoft Windows Codecs Library
• Microsoft Windows Media Foundation
• Power BI
• Role: DNS Server
• Role: Windows Hyper-V
• Skype for Business
• Visual Studio
• Visual Studio Code
• Windows Ancillary Function Driver for WinSock
• Windows App Store
• Windows AppX Package Manager
• Windows Cluster Client Failover
• Windows Cluster Shared Volume (CSV)
• Windows Common Log File System Driver
• Windows Defender
• Windows DWM Core Library
• Windows Endpoint Configuration Manager
• Windows Fax Compose Form
• Windows Feedback Hub
• Windows File Explorer
• Windows File Server
• Windows Installer
• Windows iSCSI Target Service
• Windows Kerberos
• Windows Kernel
• Windows Local Security Authority Subsystem Service
• Windows Media
• Windows Network File System
• Windows PowerShell
• Windows Print Spooler Components
• Windows RDP
• Windows Remote Procedure Call Runtime
• Windows schannel
• Windows SMB
• Windows Telephony Server
• Windows Upgrade Assistant
• Windows User Profile Service
• Windows Win32K
• Windows Work Folder Service
• YARP reverse proxy

For more information about the notable vulnerabilities in this month’s Patch Tuesday, including the availability of patches and Tenable product coverage, please visit our blog.