Microsoft September 2022 Patch Tuesday fixed actively exploited zero-day

2 years ago 137
BOOK THIS SPACE FOR AD
ARTICLE AD

Microsoft released September 2022 Patch Tuesday security updates to address 64 flaws, including an actively exploited Windows zero-day.

Microsoft September 2022 Patch Tuesday security updates address 64 vulnerabilities, including an actively exploited Windows zero-day. The flaws fixed by the IT giant impact Microsoft Windows and Windows Components; Azure and Azure Arc; .NET and Visual Studio and .NET Framework; Microsoft Edge (Chromium-based); Office and Office Components; Windows Defender; and Linux Kernel (really). This is in addition to the 15 CVEs patched in Microsoft Edge (Chromium-based).

Of the 64 vulnerabilities addressed by Microsoft, five are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. This month’s Microsoft addressed two publicly disclosed zero-day vulnerabilities, only one of them was actively exploited in the wild at the time of release.

The issues include remote code execution, elevation of privilege, security feature bypass, information disclosure, denial of service, and Chromium Vulnerabilities.

Microsoft Patch Tuesday Exchange server

The actively exploited zero-day vulnerability is tracked as CVE-2022-37969, is a Windows Common Log File System Driver Elevation of Privilege Vulnerability.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” reads Microsoft’s advisory. “An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system.”

Microsoft credited Quan Jin with DBAPPSecurity, Genwei Jiang with Mandiant, FLARE OTF, CrowdStrike, and Zscaler ThreatLabz for reporting this flaw.

The company did not share details about the attacks exploiting this vulnerabilityHowever, there are no details at this time if it was used manually by threat actors or through malware.

The other publicly disclosed vulnerability, tracked as CVE-2022-23960, is an Arm Cache Speculation Restriction issue.

The full list of CVEs released by Microsoft for September 2022 Patch Tuesday security updates is available here, the most severe ones are:

CVE-2022-34700Microsoft Dynamics 365 (on-premises) Remote Code Execution VulnerabilityCritical8.8NoNoRCE
CVE-2022-35805Microsoft Dynamics 365 (on-premises) Remote Code Execution VulnerabilityCritical8.8NoNoRCE
CVE-2022-34721Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution VulnerabilityCritical9.8NoNoRCE
CVE-2022-34722Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution VulnerabilityCritical9.8NoNoRCE
CVE-2022-34718Windows TCP/IP Remote Code Execution VulnerabilityCritical9.8NoNoRCE

Below is the complete list of resolved vulnerabilities and released advisories in the September 2022 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)




Read Entire Article