
Tripwire’s January 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Open Source Policy Kit, Adobe, and Microsoft.

First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 “Log4Shell” remote code execution vulnerability (CVE-2021-44228). This vulnerability was on the December 2021 priority list, and it is back this month because it has recently been added to the Metasploit Exploit Framework. These systems should be patched as soon as possible.

Up next is a remote code execution vulnerability in the Windows HTTP protocol stack. This vulnerability can be exploited over the network with no authentication required. Microsoft states that this vulnerability is wormable. Administrators should ensure this vulnerability is patched as soon as possible.

Next on the list is the so-called “PWNkit” vulnerability. This is a local privilege escalation vulnerability that potentially impacts any Linux operating system. The vulnerability exists in the PolicyKit (aka polkit) pkexec application and allows a low-privileged user to easily gain root access. Several proofs of concept are available on GitHub. The main requirements are that PolicyKit is installed on the target system and that a malicious actor is able to log in as a regular user. Many Linux distributions, such as RedHat, Ubuntu, and Amazon Linux, have released patches to resolve this vulnerability.

Up next are patches for Microsoft Edge that resolve over 20 vulnerabilities such as use after free, type confusion, heap buffer overflow, and data validation vulnerabilities.

Following Edge, administrators should apply patches for Adobe Reader and Acrobat based on the APSB22-01 patch release. These patches resolve over 25 vulnerabilities and fix issues such as use after free, information exposure, stack-based buffer overflow, heap-based buffer overflow, and out of bounds write vulnerabilities.

Next are patches for Microsoft Office, Excel, and Word. These patches resolve 3 remote code execution vulnerabilities.

Exploit Framework – Metasploit: CVE-2021-44228
Windows HTTP Protocol Stack: CVE-2022-21907
PolicyKit (polkit) – Local Privilege Escalation: CVE-2021-4034
Microsoft Edge (Chromium-based): CVE-2022-0108, CVE-2022-0109, CVE-2022-0104, CVE-2022-0105, CVE-2022-0106, CVE-2022-0107, CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103, CVE-2022-0120, CVE-2022-0113, CVE-2022-0112, CVE-2022-0111, CVE-2022-0110, CVE-2022-0117, CVE-2022-0116, CVE-2022-0115, CVE-2022-0114, CVE-2022-0118, CVE-2022-0098, CVE-2022-0099, CVE-2022-0096, CVE-2022-0097
APSB22-01: CVE-2021-44701, CVE-2021-44702, CVE-2021-44703, CVE-2021-44704, CVE-2021-44705, CVE-2021-44706, CVE-2021-44707, CVE-2021-44708, CVE-2021-44709, CVE-2021-44710, CVE-2021-44711, CVE-2021-44712, CVE-2021-44713, CVE-2021-44714, CVE-2021-44715, CVE-2021-44739, CVE-2021-44740, CVE-2021-44741, CVE-2021-44742, CVE-2021-45060, CVE-2021-45061, CVE-2021-45062, CVE-2021-45063, CVE-2021-45064, CVE-2021-45067, CVE-2021-45068
Microsoft Office Word: CVE-2022-21842
Microsoft Office Excel: CVE-2022-21841
Microsoft Office: CVE-2022-21840
Microsoft Windows I: CVE-2022-21883, CVE-2022-21889, CVE-2022-21890, CVE-2022-21848, CVE-2022-21843, CVE-2022-21849, CVE-2021-22947, CVE-2022-21870, CVE-2022-21959, CVE-2022-21958, CVE-2022-21892, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963, CVE-2022-21928, CVE-2022-21924, CVE-2022-21862, CVE-2022-21835, CVE-2022-21908, CVE-2022-21897, CVE-2022-21916, CVE-2022-21877, CVE-2022-21894, CVE-2022-21918, CVE-2022-21898, CVE-2022-21912, CVE-2022-21884, CVE-2022-21836, CVE-2022-21834, CVE-2022-21868, CVE-2022-21903, CVE-2022-21904, CVE-2022-21880, CVE-2022-21915, CVE-2022-21839, CVE-2022-21872, CVE-2022-21838, CVE-2022-21881, CVE-2022-21879, CVE-2022-21896, CVE-2022-21902, CVE-2022-21852, CVE-2022-21895, CVE-2022-21919, CVE-2022-21869
Microsoft Windows II: CVE-2022-21867, CVE-2022-21922, CVE-2022-21906, CVE-2022-21921, CVE-2022-21964, CVE-2022-21858, CVE-2022-21871, CVE-2022-21850, CVE-2022-21851, CVE-2022-21893, CVE-2022-21878, CVE-2022-21863, CVE-2022-21925, CVE-2022-21874, CVE-2021-36976, CVE-2022-21882, CVE-2022-21887, CVE-2022-21876, CVE-2022-21920, CVE-2022-21865, CVE-2022-21888, CVE-2022-21875, CVE-2022-21885, CVE-2022-21914, CVE-2022-21864, CVE-2022-21861, CVE-2022-21866, CVE-2022-21860, CVE-2022-21899, CVE-2022-21873, CVE-2022-21913, CVE-2022-21833, CVE-2022-21859, CVE-2022-21910
.NET Framework: CVE-2022-21911
Role: Windows Hyper-V: CVE-2022-21847, CVE-2022-21901, CVE-2022-21900, CVE-2022-21905
Windows Active Directory: CVE-2022-21857
Microsoft Exchange Server: CVE-2022-21969, CVE-2022-21855, CVE-2022-21846
Microsoft Office SharePoint: CVE-2022-21837
Microsoft Dynamics: CVE-2022-21932