Microsoft Security Update Fixes 64 New Bugs, Including an Actively Exploited Zero-day

Microsoft released a new security update with fixes for 64 new security vulnerabilities, including 2 zero-days, one of which is actively exploited in the wild.

Of these vulnerabilities, 5 were rated “Critical” and the remaining 58 were rated “Important”.

The following products and components received patches in this Patch Tuesday update:

  • .NET and Visual Studio
  • .NET Framework
  • Azure Arc
  • Cache Speculation
  • HTTP.sys
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft Windows ALPC
  • Microsoft Windows Codecs Library
  • Network Device Enrollment Service (NDES)
  • Role: DNS Server
  • Role: Windows Fax Service
  • SPNEGO Extended Negotiation
  • Visual Studio Code
  • Windows Common Log File System Driver
  • Windows Credential Roaming Service
  • Windows Defender
  • Windows Distributed File System (DFS)
  • Windows DPAPI (Data Protection Application Programming Interface)
  • Windows Enterprise App Management
  • Windows Event Tracing
  • Windows Group Policy
  • Windows IKE Extension
  • Windows Kerberos
  • Windows Kernel
  • Windows LDAP – Lightweight Directory Access Protocol
  • Windows ODBC Driver
  • Windows OLE
  • Windows Photo Import API
  • Windows Print Spooler Components
  • Windows Remote Access Connection Manager
  • Windows Remote Procedure Call
  • Windows TCP/IP
  • Windows Transport Security Layer (TLS)

The vulnerabilities affecting the above products fall into the following categories:

  1. 30 Remote Code Execution Vulnerabilities
  2. 18 Elevation of Privilege Vulnerabilities
  3. 16 Edge – Chromium Vulnerabilities
  4. 7 Information Disclosure Vulnerabilities
  5. 7 Denial of Service Vulnerabilities
  6. 1 Security Feature Bypass Vulnerability

Zero-day Vulnerabilities Fixed:

Microsoft fixed 2 zero-day vulnerabilities. One (CVE-2022-37969) is a Windows Common Log File System Driver Elevation of Privilege Vulnerability that allows attackers to gain SYSTEM privileges.

“An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system.” Microsoft says.

Researchers at DBAPPSecurity, Mandiant, CrowdStrike, and Zscaler found this vulnerability and reported it to Microsoft.

CVE-2022-23960, a Cache Speculation Restriction bug known as Spectre-BHB, is the second zero-day. MITRE created this CVE on behalf of Arm Limited.

The following notable critical vulnerabilities were fixed in this September Patch Tuesday security update:

  • CVE-2022-34718 – Windows TCP/IP Remote Code Execution Vulnerability
  • CVE-2022-34721 – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
  • CVE-2022-34722 – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
  • CVE-2022-34700 – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
  • CVE-2022-35805 – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

Microsoft strongly recommended that all Windows users install these security updates to avoid the security risk and protect their systems.

You can refer to the complete patch details for the full list of vulnerabilities resolved, and advisories, in the September 2022 Patch here.


BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.