Microsoft’s Latest Security Update Fixes 64 New Flaws, Including a Zero-Day


Tech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks.

Of the 64 bugs, five are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. The patches are in addition to 16 vulnerabilities that Microsoft addressed in its Chromium-based Edge browser earlier this month.

“When it comes to CVEs released, this Patch Tuesday might seem on the lighter side compared to other months,” Bharat Jogi, director of vulnerability and threat research at Qualys, said in a statement shared with The Hacker News.

“Nevertheless, this month hit a large milestone for the calendar year, with MSFT having fixed the 1,000th CVE of 2022 – likely on track to surpass 2021, which patched 1,200 CVEs in total.”

The actively exploited vulnerability in question is CVE-2022-37969 (CVSS score: 7.8), a privilege escalation flaw affecting the Windows Common Log File System (CLFS) Driver, which could be leveraged by an adversary to gain SYSTEM privileges on an already compromised asset.

“An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system,” Microsoft said in an advisory.

The tech giant credited four different sets of researchers from CrowdStrike, DBAPPSecurity, Mandiant, and Zscaler for reporting the flaw, which could be an indication of widespread exploitation in the wild, Greg Wiseman, product manager at Rapid7, said in a statement.

CVE-2022-37969 is also the second actively exploited zero-day flaw in the CLFS component since the start of the year, after CVE-2022-24521 (CVSS score: 7.8), which Microsoft resolved as part of its April 2022 Patch Tuesday updates.

It’s not immediately clear if CVE-2022-37969 is a patch bypass for CVE-2022-24521. Other critical flaws of note are as follows –

  • CVE-2022-34718 (CVSS score: 9.8) – Windows TCP/IP Remote Code Execution Vulnerability
  • CVE-2022-34721 (CVSS score: 9.8) – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
  • CVE-2022-34722 (CVSS score: 9.8) – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
  • CVE-2022-34700 (CVSS score: 8.8) – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
  • CVE-2022-35805 (CVSS score: 8.8) – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

“An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation,” Microsoft said about CVE-2022-34721 and CVE-2022-34722.

Also resolved by Microsoft are 15 remote code execution flaws in Microsoft ODBC Driver, Microsoft OLE DB Provider for SQL Server, and Microsoft SharePoint Server, and five privilege escalation bugs spanning Windows Kerberos and Windows Kernel.

The September release is further notable for patching yet another elevation of privilege vulnerability in the Print Spooler module (CVE-2022-38005, CVSS score: 7.8) that could be abused to obtain SYSTEM-level permissions.

Lastly, included in the raft of security updates is a fix released by chipmaker Arm for a speculative execution vulnerability called Branch History Injection or Spectre-BHB (CVE-2022-23960) that came to light earlier this March.

“This class of vulnerabilities poses a big headache to the organizations attempting mitigation, as they often require updates to the operating systems, firmware and in some cases, a recompilation of applications and hardening,” Jogi said. “If an attacker successfully exploits this type of vulnerability, they could gain access to sensitive information.”

Software Patches from Other Vendors

Besides Microsoft, security updates have also been released by other vendors since the start of the month to rectify dozens of vulnerabilities, including —


