March’s Patch Tuesday comes with fixes for 71 vulnerabilities. Three zero-day vulnerabilities have been patched. Three vulnerabilities are classified as Critical. Thankfully, none of the zero days are being actively exploited, so admins can take a breathe; nevertheless, like all Patch Tuesdays, admins are going to be hustling to install the patches.
After an initial discussion about this month’s updates, we’ll offer our advice for devising a plan to handle patch management in a hybrid work environment. You can also register for our free Patch Tuesday webinar and listen to our experts break down Patch Tuesday updates in detail.
But first, since this month’s Patch Tuesday falls on International Women’s day, let’s take this time to acknowledge the contributions of some remarkable women to the field of cybersecurity.
Women in cybersecurity
Susan Bradley, aka The Microsoft Patch lady: Susan Bradley is a popular name in patch management. She is the go-to person for anything Microsoft-update related. She writes on Askwoody and CSO Online. You can also catch her moderating the PatchManagement.org listserv.
Window Snyder: Snyder is the founder and CEO of Thistle technologies and has previously been the chief security officer at Fastly, Apple, and Mozilla corporation. She is the co-author of Threat Modeling, which is a guide to the concepts and goals for threat modeling.
Katie Moussouris: Moussouris was instrumental in building the US Government’s first bug bounty program, “Hack the Pentagon” that was followed by another, “Hack the airforce”. These initiatives were part of her work as the Chief Policy Officer at HackerOne. She is also on the Forbes “World’s Top 50 Women in Tech” list.
Lesley Carhart: Carhart is an industrial control security and digital forensics and incident response specialist at Dragos Inc. They also blog on infosec careers, answer questions related to cybersecurity, and give expert advice on information security questions.
Juliette Kayyem: Professor Kayyem is the author and host of the WGBH podcast, Security Mom. A CNN national security analyst, Pulitzer Prize finalist, and contributor for The Atlantic and Boston’s local NPR station, GBH, Kayyem also advises governors, mayors, and corporations on crisis management, especially throughout the COVID-19 response.
These are just some in a long list of women who have been and are contributing tremendously in cybersecurity and information security. Here’s to hoping that more young women follow their lead and make their mark in these fields.
Now back to the details of this month’s Patch Tuesday updates.
March Patch Tuesday product lineup
Security updates were released for the following products:
-
.NET and Visual Studio
-
Microsoft Defender for Endpoint
-
Microsoft Edge (Chromium)
-
Microsoft Exchange Server
-
Microsoft Intune
-
Microsoft Office Word
-
Microsoft Windows Codecs Library
-
Role: Windows Hyper-V
-
Windows Installer
-
Windows Kernel
-
Windows Print Spooler Components
-
Windows Remote Desktop
-
Windows Update Stack
-
Windows Fax and Scan Service
Three zero-day vulnerability patched
Three publicly disclosed zero-day vulnerabilities have been patched this month, the details of which are given below. The good news is that we have no actively exploited zero days this month.
-
CVE-2022-21990: Remote Desktop Client Remote Code Execution Vulnerability (publicly disclosed vulnerability)
-
CVE-2022-24459: Windows Fax and Scan Service Elevation of Privilege Vulnerability
-
CVE-2022-24512: .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2022-21990 and CVE-2022-24459 have public proof of concepts, so it’s recommended to patch them as soon as possible to avoid potential exploitation.
Vulnerabilities likely to be targeted are:
-
CVE-2022-24508 – Windows SMBv3 Client/Server Remote Code Execution Vulnerability
-
CVE-2022-23277 – Microsoft Exchange Server Remote Code Execution Vulnerability
Third-party updates released after last month’s Patch Tuesday
Third-party vendors such as Google, Cisco, and HP have released updates after last month’s Patch Tuesday.
Best practices to handle patch management in a hybrid work environment
Most organizations have opted to embrace remote work even after they have been cleared to return to the office. This decision poses various challenges to IT admins, especially in terms of managing and securing distributed endpoints.
Here are a few pointers to simplify the process of getting your endpoints production-ready:
-
For machines belonging to users returning to the office after working remotely, check if they are compliant with your security policies. If not, quarantine them.
-
Install the latest updates and feature packs before deeming your back-to-office machines fit for production.
-
Take inventory of and remove apps that are now obsolete for your back-to-office machines, like remote collaboration software.
-
Test the patches on a pilot group of systems before deploying them to the production environment. This will ensure that the patches do not interfere with the workings of other applications.
-
Create a restore point—a backup or image that captures the state of the machines—before deploying big updates like those from Patch Tuesday.
-
Establish a patching schedule and keep end users informed about it. It is recommended to set up a time for deploying patches and rebooting systems. Let end users know what needs to be done on their end for trouble-free patching.
-
Schedule the non-security updates and security updates that are not rated Critical to be deployed after Patch Tuesday, such as during the third or fourth week of the month. You can also choose to decline certain updates if you feel they are not required in your environment.
-
Run patch reports to get a detailed view of the health status of your endpoints.
With Desktop Central or Patch Manager Plus, you can completely automate the entire process of patch management, from testing patches to deploying them. You can also tailor patch tasks according to your current situation. To experience either of these products hands on, try a free, 30-day trial, and keep thousands of applications patched and secure.
Want to learn more about Patch Tuesday updates? Join our experts as they break down this month’s Patch Tuesday updates and offer in-depth analysis. You can also ask our experts questions and have them answered right away. Register for our free Patch Tuesday webinar.
Happy patching!
