HomeNews & updatesFebruary 2022 Patch Tuesday forecast: A rough start for 2022 - Help...

February 2022 Patch Tuesday forecast: A rough start for 2022 – Help Net Security

January 2022 Patch Tuesday was a rough one for Microsoft — and us. In the week following Patch Tuesday, Microsoft was forced to pull and subsequently re-issue several updates for Windows Server 2012, 2019, and 2022, as well as Windows 10 and 11.
February 2022 Patch Tuesday forecast
There were three major issues that were resolved in these re-issued updates. The first issue was some Windows Server 2019 and 2022 domain controllers were forced into a reboot loop; the second issue was Hyper-V would not start on Windows Server 2012; and the third issue involved broken L2TP VPN connections on Windows 10 and 11 workstations.
It was a frustrating week for many IT teams as they had to work through interruptions caused by the initial update release on Tuesday, and then the subsequent corrected releases. While we all want to roll out the updates as quickly as possible to stay ahead of the threat, this last month reminded us of the value in a phased rollout, validating stability on test systems before distribution to production.
The Log4j or Log4Shell bug continues to garner attention in the news. Vendors have been rapidly responding to the widespread and easily exploited vulnerability with product updates so be sure to factor these application updates into your next update cycle. One quick note of warning is that a host of Log4j-specific vulnerability scanners have appeared on the market. Ensure you use one from a trusted vendor because malicious versions come and go.
More vulnerabilities in WordPress have been reported. You may recall in the latter part of last year, vulnerabilities were identified in the All in One SEO plugin and some of the Starter Templates. Together, these vulnerabilities impacted several million websites. This time, the vulnerability is reported in a popular plug-in called Essential Addons for Elementor, which allows for remote code execution. A fix is available and should also be considered this month if you use the plugin.
And finally, 23 CVEs were reported in the Unified Extensible Firmware Interface (UEFI) firmware from InsydeH2O. This firmware is used by many major hardware manufacturers including Dell, HP, Lenovo, Microsoft, and others. Like the Log4Shell vulnerabilities, these cannot be patched directly, and the respective hardware vendors must update, test, and distribute the patched firmware as part of their packages. The firmware update for the vulnerabilities is available, but it will take a long time for all vendors to respond and for individual machines to be updated. These particular CVEs in firmware are scary because the “privileges exceed those of the OS kernel, so any security issues in this space can have severe consequences for the vulnerable system.” Please give plenty of attention to these firmware updates as they become available.
Despite the issues mentioned at the start of this article, Microsoft did resolve 97 unique CVEs last Patch Tuesday, nine of which were rated as Critical. I sure hope they are going to spend a lot more time in testing prior to next week’s Patch Tuesday releases so we don’t have to relive that mess.
It was a rough kickoff to our Patch Tuesday cadence in January. Microsoft should be providing a higher quality set of updates this month and the major third-party updates are already available, so let’s plan for a simple, routine set of patching next week.


- Advertisment -

Most Popular

- Advertisment -