Microsoft’s Latest Security Update Fixes 64 New Flaws, Including a Zero-Day
Tech giant Microsoft on Tuesday shipped patches to fix 64 new security flaws across its software lineup, including a zero-day flaw that has been actively exploited in real-world attacks.
Of the 64 bugs, five are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. The patches are in addition to 16 vulnerabilities Microsoft addressed in its Chromium-based Edge browser earlier this month.
“In terms of released CVEs, this Patch Tuesday may appear lighter in comparison with other months,” Bharat Jogi, director of vulnerability and threat research at Qualys, said in a press release shared with The Hacker News.
“However, this month marked a major milestone for the calendar year, with MSFT fixing the 1,000th CVE of 2022 – likely on track to surpass 2021, which fixed 1,200 CVEs in total.”
The actively exploited vulnerability in question is CVE-2022-37969 (CVSS score: 7.8), an elevation of privilege flaw affecting the Windows Common Log File System (CLFS) Driver, which could be exploited by an adversary to obtain SYSTEM privileges on an already compromised asset.
“An attacker must already have access and the ability to execute code on the target system. This technique does not allow remote code execution in cases where the attacker does not already have this capability on the target system,” Microsoft said in an advisory.
The tech giant credited four different groups of researchers from CrowdStrike, DBAPPSecurity, Mandiant and Zscaler for reporting the flaw, which may be an indication of widespread exploitation in the wild, said Greg Wiseman, product manager at Rapid7, in a press release.
CVE-2022-37969 is also the second actively exploited zero-day flaw in the CLFS component after CVE-2022-24521 (CVSS score: 7.8), the latter having been addressed by Microsoft as part of its April 2022 security updates.
It’s not immediately clear if CVE-2022-37969 is a patch bypass for CVE-2022-24521. Other critical flaws of note are as follows –
- CVE-2022-34718 (CVSS score: 9.8) – Windows TCP/IP Remote Code Execution Vulnerability
- CVE-2022-34721 (CVSS score: 9.8) – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
- CVE-2022-34722 (CVSS score: 9.8) – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
- CVE-2022-34700 (CVSS score: 8.8) – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
- CVE-2022-35805 (CVSS score: 8.8) – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
“An unauthenticated attacker could send a specially crafted IP packet to a target machine running Windows that has IPSec enabled, which could enable remote code execution exploitation,” Microsoft said of CVE-2022-34721 and CVE-2022-34722.
Microsoft also addressed 15 remote code execution flaws in Microsoft ODBC Driver, Microsoft OLE DB Provider for SQL Server, and Microsoft SharePoint Server, and five privilege escalation bugs covering Windows Kerberos and Windows Kernel.
The September release is additionally notable for fixing another elevation of privilege vulnerability in the Print Spooler module (CVE-2022-38005, CVSS score: 7.8) that could be abused to gain SYSTEM-level permissions.
Lastly, the set of security updates includes a patch released by chipmaker Arm for a speculative execution vulnerability called Branch History Injection or Spectre-BHB (CVE-2022-23960) that was disclosed earlier in March.
“This class of vulnerabilities poses a huge headache for organizations attempting to mitigate them, as they often require updates to operating systems, firmware, and in some cases application recompilation and hardening,” Jogi said. “If an attacker successfully exploits this type of vulnerability, they could gain access to sensitive information.”
Software Patches from Other Vendors
Aside from Microsoft, security updates have also been released by other vendors since the start of the month to fix dozens of vulnerabilities, including –