The Information Security Administration recommends that agencies, organizations and businesses check and review to identify machines using the Windows operating system, which are likely to be affected by 8 security vulnerabilities in Microsoft products published in June.
On June 16, the Information Security Department of the Ministry of Information And Communications issued a warning about high and serious security vulnerabilities that exist in Microsoft products announced in June 2022, sent to specialized units of ministries, sectors and localities; state-owned corporations and corporations; banks and financial institutions and systems of specialized units in information security.
On June 14, Microsoft released a list of June patches with 55 security vulnerabilities in its products.Among the new security vulnerabilities released by Microsoft, the Information Security Administration noted the units two vulnerabilities that affected the severity and six were highly impactful.
Specifically, in addition to the CVE-2022-30136 security vulnerability in the Windows Network File System that allows non-authentication attackers to be able to execute code remotely, Information Security Bureau experts continue to suggest that units pay attention to the CVE-2022-30190 security vulnerability (also known as Follina).
Once widely warned by the Information Security Bureau on June 1, the Follina security vulnerability exists in the Windows Microsoft Support Diagnotic tool, which allows attackers to execute code at will.
According to an expert analysis by the National Center for Cyber Security Monitoring of the Information Security Administration, despite having a CVSS score of 7.8 (high level), the exploit code of the Follina vulnerability has been widely publicized on the Internet, especially being thoroughly exploited by attack groups.Therefore, agencies and organizations need to update the patch or implement restrictive measures as soon as possible to avoid the risk of being attacked through this vulnerability.
Of the eight security vulnerabilities that exist in Microsoft products warned by the Information Security Administration, two are critical and six are high-level vulnerabilities.
Six high-level security vulnerabilities in Microsoft products are recommended by the Information Security Administration for special attention, including: CVE-2022-30163 vulnerability in Windows Hyper-V; CVE-2022-30139 vulnerability in Windows Lightweight Directory Access Protocol; 2 vulnerabilities CVE-2022-30157, CVE-2022-30158 in Microsoft SharePoint Server; CVE-2022-30165 vulnerability in Windows Kerberos; and the CVE-2022-30173 vulnerability in Microsoft Excel.
In particular, the CVE-2022-30165 vulnerability exists Windows Kerberos that allows the attacker to carry out privileged attacks.The remaining five high-level security vulnerabilities allow the attacker to execute the code remotely.
In order to ensure information security for the information system of the unit, contributing to ensuring the safety of Vietnam’s cyberspace, the Information Security Department recommends agencies, organizations and enterprises to check, review and identify machines using the Windows operating system that are likely to be affected; at the same time, update the patch in time to avoid the risk of being attacked.
In addition, the units are also asked to strengthen supervision and be ready to handle when detecting signs of exploitation and cyber attack; regularly monitor the warning channels of authorities and large organizations on information security to promptly detect the risk of cyber attacks.