CISA Warning: Windows Print-Spooler Vulnerability CVE-2022-22718 actively exploited

Windows[German]The US Cyber in Infrastructure Security Agency (CISA) has recently added three more entries to its list of actively exploited vulnerabilities. Among them is the vulnerability CVE-2022-22718 in the Windows print spooler, which affects virtually all Windows versions that are still in support. Microsoft released a security update in February 2022 to close the Elevation of Privilege vulnerability in the Windows Print Spooler.


Advertising

Print Spooler Vulnerability CVE-2022-22718

Vulnerability CVE-2022-22718  allows privilege escalation via the Windows Print Spooler service. Attackers who have local access to a Windows system can attack the Print Spooler service and elevate their privileges in the system without user interaction. Details of the vulnerability are being kept under wraps by Microsoft, but Redmond rates the complexity of an attack as low, meaning anyone who knows the vulnerability can easily exploit it via exploit. The CVSS score is rated as high at 7.2.

The CISA warning

The colleagues from Bleeping Computer have pointed out in the following tweet  as well as in this article that the vulnerability is being exploited.

The background is that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability CVE-2022-22718 to its list of actively exploited vulnerabilities as of April 19, 2022. U.S. organizations have until May 10, 2022, to patch this vulnerability.

Microsoft Feb. 2022 security updates

Microsoft has released security updates for this vulnerability as of Feb. 8, 2022, for all versions of Windows that are still supported (see also Microsoft Security Update Summary (February 8, 2022)). Here is the list of security updates for the affected Windows versions.


Advertising

  • KB5010384: Montly Rollup Update for Windows Server 2008 SP2
  • KB5010403: Security Only Update for Windows Server 2008 SP2
  • KB5010404: Montly Rollup Update for Windows Server 2008 R2 SP1, Windows 7 SP1
  • KB5010422: Security Only Update for Windows Server 2008 R2 SP1, Windows 7 SP1
  • KB5010392: Montly Rollup Update for Windows Server 2012
  • KB5010412: Security Only Update for Windows Server 2012
  • KB5010419: Montly Rollup Update for Windows Server 2012 R2, Windows RT 8.1, Windows 8.1
  • KB5010395: Security Only Update for Windows Server 2012 R2, Windows 8.1
  • KB5010358: Windows 10 RTM
  • KB5010359: Windows Server 2016, Windows 10 Version 1607
  • KB5010351: Windows Server 2019, Windows 10 Version 1809
  • KB5010345: Windows 10 Version 1909
  • KB5010342: Windows 10 Version 20H2-21H2, Windows Server Version 20H2
  • KB5010386: Windows 11
  • KB5010354: Windows Server 2022
  • KB5010456: Windows Server 2022 Azure Edition Core Hotpatch

Normally, one would assume that the February 2022 security updates for Windows have long since been applied. However, I remind you of my blog post Microsoft Februar 2022 Patch day review, where I pointed out various conflicts with the updates. So if necessary, check again whether the updates have been installed and react if necessary.

Similar articles:
Microsoft Security Update Summary (February 8, 2022)
Patchday: Windows 10 Updates (February 8, 2022)
Patchday: Windows 11/Server 2022 Updates (February 8, 2022)
Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (February 8, 2022)


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.