We are back for another Patch Tuesday, and if you ignore that horrific zero-day from a few weeks earlier, this month is downright pleasant. This month we only have 60 total, with three being critical. None of these are publicly known or actively being exploited. While some of these are of real concern and need to be addressed, I think this might be the best patch Tuesday I have seen since I started these write-ups.
Highlights (or lowlights)
CVE-2022-30136: This one impacts Network File System and is the highest-rated CVE in this batch and it is pretty bad. It has all the indicators of being completely wormable. I think the only thing keeping this one from a full 10 it only impacts version 4.1. While there is some quick PowerShell to protect your systems, please make sure you know exactly how shutting off NFS 4.1 will impact your environment before running this. You may be better off Patching earlier over potentially impacting your system.
CVE-2022-30139: This critical patch is a remote code execution that impacts LDAP. Even at critical it is only rated a 7.5 on CVSS. It requires some authentication and you are only at risk if you have MaxReceiveBuffer set higher than the default.
CVE-2022-30163: This is the third critical patch that impacts only Hyper-V. It is an RCE, but it does require authentication and has a high attack complexity. With this one, an attacker can run a specifically crafted application that could cause a Hyper-V host to execute arbitrary code.
All things considered, this is a nice month as far as patching goes. The highest rated one seems similar to an almost identical patch to the NFS closed last month for only versions 2.0 and 3.0. So if your solution was to upgrade everything to 4.1, I have some bad news for you.
If you’re looking for some good news, you’re in luck! You can download a free trial of PDQ Deploy and Inventory to help you automate your patch management. Saving you time and concern. It seems to be less impactful when it is such a light month. So I guess I will end by saying next month will be doom....
Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that is something he should talk about on the internet while drinking most Thursdays on the PDQ webcast.