Microsoft released a new security update with the fixes for 64 new security vulnerabilities including 2 zero-day in which one is actively exploited in wild.
In this list of Vulnerabilities, 5 Vulnerabilities were marked as “Critical” and, the rest of the 58 vulnerabilities were fixed as “Important”.
Following products have received a patch that is affected by various vulnerabilities in this patch Tuesday update:-
Following categories are the vulnerabilities that are affected the above products:
Microsoft Fixed 2 Zero-day Vulnerabilities. One (CVE-2022-37969) is Windows Common Log File System Driver Elevation of Privilege Vulnerability that allows attackers to exploit this vulnerability to gain SYSTEM privileges.
“An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system.” Microsoft says.
Researchers at DBAPPSecurity, Mandiant, CrowdStrike, and Zscaler found this vulnerability and reported it to Microsoft.
CVE-2022-23960 Cache Speculation Restriction bus is the second 0-day bug which is known as Spectre-BHB. MITRE created this CVE on behalf of Arm Limited.
Here the following notable critical vulnerabilities that was fixed in this September Patch Tuesday Microsoft security updates.
Microsoft strongly recommended installing these security updates for all windows users to avoid the security risk and protect your Windows.
You can refer to the complete patch details for the full list of vulnerabilities resolved, and advisories, in the September 2022 Patch here.
Azure Active Directory Security – Download Free E-Book
Hackers have been found leveraging weaponized virtual hard disk (VHD) files to deploy the notorious…
A security update released by ChatRTX on March 26th, 2024, addresses two vulnerabilities (CVE-2024-0082 and…
A new threat has emerged, targeting unsuspecting iPhone users through the seemingly secure iMefofferssage platform.…
Google patched seven vulnerabilities in the Chrome browser on Tuesday, including two zero-day exploits that…
The source code and documentation of the Italian anti-piracy platform Privacy Shield have reportedly been…
Wireshark remains the go-to choice for both professionals and enthusiasts due to its unmatched capabilities…