
Microsoft’s Latest Security Update Fixes 64 New Flaws, Including a Zero-Day

Written by admin



Tech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks.

Of the 64 bugs, 5 are rated Critical, 57 are rated Important, one is rated Moderate, and one is rated Low in severity. The patches are in addition to 16 vulnerabilities that Microsoft addressed in its Chromium-based Edge browser earlier this month.

“In terms of CVEs released, this Patch Tuesday might seem on the lighter side compared to other months,” Bharat Jogi, director of vulnerability and threat research at Qualys, said in a statement shared with The Hacker News.

“Nonetheless, this month hit a large milestone for the calendar year, with MSFT having fixed the one thousandth CVE of 2022 – likely on track to surpass 2021 which patched 1,200 CVEs in total.”


The actively exploited vulnerability in question is CVE-2022-37969 (CVSS score: 7.8), a privilege escalation flaw affecting the Windows Common Log File System (CLFS) Driver, which could be leveraged by an adversary to gain SYSTEM privileges on an already compromised asset.

“An attacker must already have access and the ability to run code on the target system. This technique doesn’t allow for remote code execution in cases where the attacker doesn’t already have that ability on the target system,” Microsoft said in an advisory.

The tech giant credited four different sets of researchers from CrowdStrike, DBAPPSecurity, Mandiant, and Zscaler for reporting the flaw, which may be an indication of widespread exploitation in the wild, Greg Wiseman, product manager at Rapid7, said in a statement.

CVE-2022-37969 is also the second actively exploited zero-day flaw in the CLFS component after CVE-2022-24521 (CVSS score: 7.8), the latter of which was resolved by Microsoft as part of its April 2022 Patch Tuesday updates.

It isn’t immediately clear if CVE-2022-37969 is a patch bypass for CVE-2022-24521. Other critical flaws of note are as follows:

  • CVE-2022-34718 (CVSS score: 9.8) – Windows TCP/IP Remote Code Execution Vulnerability
  • CVE-2022-34721 (CVSS score: 9.8) – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
  • CVE-2022-34722 (CVSS score: 9.8) – Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
  • CVE-2022-34700 (CVSS score: 8.8) – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability
  • CVE-2022-35805 (CVSS score: 8.8) – Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

“An unauthenticated attacker might send a specially crafted IP packet to a target machine that’s running Windows and has IPSec enabled, which might enable a remote code execution exploitation,” Microsoft said about CVE-2022-34721 and CVE-2022-34722.

Also resolved by Microsoft are 15 remote code execution flaws in Microsoft ODBC Driver, Microsoft OLE DB Provider for SQL Server, and Microsoft SharePoint Server, and 5 privilege escalation bugs spanning Windows Kerberos and Windows Kernel.

The September release is further notable for patching yet another elevation of privilege vulnerability in the Print Spooler module (CVE-2022-38005, CVSS score: 7.8) that could be abused to obtain SYSTEM-level permissions.


Lastly, included in the raft of security updates is a fix released by chipmaker Arm for a speculative execution vulnerability called Branch History Injection or Spectre-BHB (CVE-2022-23960) that came to light earlier this March.

“This class of vulnerabilities poses a big headache to the organizations attempting mitigation, as they usually require updates to the operating systems, firmware and in some cases, a recompilation of applications and hardening,” Jogi said. “If an attacker successfully exploits any such vulnerability, they may gain access to sensitive data.”

Software Patches from Other Vendors

Aside from Microsoft, security updates have also been released by other vendors since the start of the month to rectify dozens of vulnerabilities, including:


