Microsoft Notifies of Two Critical, Potentially Exploitable Vulnerabilities
Immediate Action Advised
On June 14, 2022, Microsoft announced measures to address two critical, potentially exploitable vulnerabilities: CVE-2022-30136 and CVE-2022-30190.
CVE-2022-30136
Microsoft rates this vulnerability 9.8 on the CVSS scale, and its Exploitability Index for the latest software release is “Exploitation More Likely.” The vulnerability could be exploited through unauthenticated, specially crafted calls sent over a network to a Network File System (NFS) server, resulting in remote code execution. As noted in the vulnerability metrics, a potential attacker needs no special privileges or circumstances to exploit it successfully, which may render affected systems unavailable and expose their data.
Mitigation Measures
Microsoft published a temporary configuration change that can reduce the severity of exploitation: disabling NFSv4.1. Note: this is a temporary workaround, it may affect an organization’s ecosystem, and it is not advised unless the May 2022 Windows security updates are installed.
IT teams can find more specifics in CVE-2022-30136’s Microsoft vulnerability guide under the section titled “Mitigations.”
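The workaround above, as an added PowerShell example rather than a script from Microsoft or from this alert: it audits which NFS protocol versions the Server for NFS role currently serves, lists recent updates so an administrator can confirm the May 2022 security updates are present, and only then disables NFSv4.1 and restarts the NFS server. It assumes the Server for NFS role is installed, an elevated session, and that Get-NfsServerConfiguration exposes the EnableNFSV2/EnableNFSV3/EnableNFSV4 properties.

```powershell
# Added example (not Microsoft's or this alert's own script): review NFS protocol
# versions and, only when explicitly confirmed that the May 2022 Windows security
# updates are installed, disable NFSv4.1 as the temporary CVE-2022-30136 workaround.
param(
    # Set this switch only after verifying the May 2022 security updates are present.
    [switch]$MayUpdatesConfirmed
)

$ErrorActionPreference = 'Stop'

# 1. Record the current state so the change can be reviewed and later reverted.
$before = Get-NfsServerConfiguration
Write-Host "NFSv2: $($before.EnableNFSV2)  NFSv3: $($before.EnableNFSV3)  NFSv4: $($before.EnableNFSV4)"

if (-not $before.EnableNFSV4) {
    Write-Host 'NFSv4.1 is already disabled; nothing to do.'
    return
}

# 2. List recently installed updates to help confirm the May 2022 security updates
#    are in place (the KB numbers are not reproduced here; see Microsoft's guide).
Get-HotFix |
    Sort-Object InstalledOn -Descending |
    Select-Object -First 10 HotFixID, Description, InstalledOn |
    Format-Table -AutoSize

if (-not $MayUpdatesConfirmed) {
    Write-Warning 'NFSv4.1 was NOT disabled. Re-run with -MayUpdatesConfirmed once the May 2022 updates are verified.'
    return
}

# 3. Apply the workaround, then restart the NFS server so the setting takes effect.
Set-NfsServerConfiguration -EnableNFSV4 $false
nfsadmin server stop
nfsadmin server start

# 4. Verify the new state and print the revert command for later.
$after = Get-NfsServerConfiguration
if ($after.EnableNFSV4) { throw 'NFSv4 is still enabled; check the NFS server state manually.' }
Write-Host 'NFSv4.1 disabled. Revert with: Set-NfsServerConfiguration -EnableNFSV4 $true (then restart the NFS server).'
```

Disabling NFSv4.1 leaves clients on NFSv2/v3, which is why the script refuses to act until the May 2022 updates are confirmed.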
CVE-2022-30190
Microsoft rates this vulnerability 7.8 on the CVSS scale, and its Exploitability Index for the latest software release is “Exploitation Detected.” Successful exploitation results in remote code execution. As noted in the vulnerability metrics, the potential attacker does not need access to settings or files to carry out an attack but does require an action from a user before exploitation succeeds. After a successful exploitation, attackers may be able to modify files on impacted systems, as well as deny access to impacted resources.
Updated Guidance
According to the revisions section of CVE-2022-30190’s vulnerability guide, Microsoft recommends all customers install June 2022 Windows updates to be fully protected.
How We Help
We help organizations monitor and get ahead of vulnerability exploitation, including:
- Penetration testing and vulnerability assessments to identify network vulnerabilities that can help reduce the risk of a breach and associated financial, operational, and reputational losses.
- Regulatory and cyber risk alerts and insights to stay current with cybersecurity, privacy, and regulatory trends and emerging threats.
Learn more about our additional solutions here.
For questions about this alert, or to find out how we can help you with vulnerability exploitation, please reach out to your trusted cyber advisor or contact us.