Microsoft September 2022 Patch Tuesday

Published: 2022-09-13. Last Updated: 2022-09-13 17:32:31 UTC
by Renato Marinho (Version: 1)
0 comment(s)

This month we got patches for 79 vulnerabilities. Of these, 5 are critical, 2 were previously disclosed, and 1 is already being exploited, according to Microsoft.

The exploited vulnerability is an elevation of privilege in Windows Common Log File System Driver (CVE-2022-37969). According to the exploit, an attacker who successfully exploited this vulnerability could gain SYSTEM privileges. The attack vector is local, and requires no user interaction. The CVSS for this vulnerability is 7.8.

Amongst critical vulnerabilities, there is a Remote Code Execution (RCE) affecting Windows Internet Key Exchange (IKE) Protocol Extensions (CVE-2022-34721). An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation. Although this vulnerability affects just IKEv1, all Windows Servers versions are affected as V1, and V2 packets are accepted. The attack vector is ‘network’, no user interaction and privileges are required, and the attack complexity is low. This vulnerability brings together the characteristics of a wormable vulnerability that you should give attention to and apply the patch as soon as possible. The CVSS for this vulnerability is 9.80.

Another critical vulnerability is an RCE affecting Windows TCP/IP (CVE-2022-34718). An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine. Only systems with the IPSec service running are vulnerable to this attack. As the previous one, this vulnerability brings together the characteristics of a wormable vulnerability. The CVSS for this vulnerability is 9.80 as well. 

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

September 2022 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2022-38013 No No Less Likely Less Likely Important 7.5 6.5
.NET Framework Remote Code Execution Vulnerability
CVE-2022-26929 No No Less Likely Less Likely Important 7.8 6.8
AV1 Video Extension Remote Code Execution Vulnerability
CVE-2022-38019 No No Less Likely Less Likely Important 7.8 6.8
Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability
CVE-2022-23960 Yes No Less Likely Less Likely Important    
Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability
CVE-2022-38007 No No Less Likely Less Likely Important 7.8 7.0
Chromium: CVE-2022-3038 Use after free in Network Service
CVE-2022-3038 No No - - -    
Chromium: CVE-2022-3039 Use after free in WebSQL
CVE-2022-3039 No No - - -    
Chromium: CVE-2022-3040 Use after free in Layout
CVE-2022-3040 No No - - -    
Chromium: CVE-2022-3041 Use after free in WebSQL
CVE-2022-3041 No No - - -    
Chromium: CVE-2022-3044 Inappropriate implementation in Site Isolation
CVE-2022-3044 No No - - -    
Chromium: CVE-2022-3045 Insufficient validation of untrusted input in V8
CVE-2022-3045 No No - - -    
Chromium: CVE-2022-3046 Use after free in Browser Tag
CVE-2022-3046 No No - - -    
Chromium: CVE-2022-3047 Insufficient policy enforcement in Extensions API
CVE-2022-3047 No No - - -    
Chromium: CVE-2022-3053 Inappropriate implementation in Pointer Lock
CVE-2022-3053 No No - - -    
Chromium: CVE-2022-3054 Insufficient policy enforcement in DevTools
CVE-2022-3054 No No - - -    
Chromium: CVE-2022-3055 Use after free in Passwords
CVE-2022-3055 No No - - -    
Chromium: CVE-2022-3056 Insufficient policy enforcement in Content Security Policy
CVE-2022-3056 No No - - -    
Chromium: CVE-2022-3057 Inappropriate implementation in iframe Sandbox
CVE-2022-3057 No No - - -    
Chromium: CVE-2022-3058 Use after free in Sign-In Flow
CVE-2022-3058 No No - - -    
Chromium: CVE-2022-3075 Insufficient data validation in Mojo
CVE-2022-3075 No No - - -    
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2022-37954 No No More Likely More Likely Important 7.8 6.8
HTTP V3 Denial of Service Vulnerability
CVE-2022-35838 No No Less Likely Less Likely Important 7.5 6.5
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
CVE-2022-35828 No No Less Likely Less Likely Important 7.8 6.8
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
CVE-2022-35805 No No Less Likely Less Likely Critical 8.8 7.7
CVE-2022-34700 No No Less Likely Less Likely Critical 8.8 7.7
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2022-38012 No No Less Likely Less Likely Low 7.7 6.7
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-34726 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-34727 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-34730 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-34732 No No Unlikely Unlikely Important 8.8 7.7
CVE-2022-34734 No No Less Likely Less Likely Important 8.8 7.7
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-35834 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-35835 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-35836 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-35840 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-34731 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-34733 No No Less Likely Less Likely Important 8.8 7.7
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-38010 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-37963 No No Less Likely Less Likely Important 7.8 6.8
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2022-37962 No No Less Likely Less Likely Important 7.8 6.8
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2022-35823 No No Unlikely Unlikely Important 8.1 7.1
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38008 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-38009 No No Less Likely Less Likely Important 8.8 7.7
CVE-2022-37961 No No Unlikely Unlikely Important 8.8 7.7
Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability
CVE-2022-37959 No No Less Likely Less Likely Important 6.5 5.7
Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-38011 No No Less Likely Less Likely Important 7.3 6.4
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-35830 No No Less Likely Less Likely Important 8.1 7.1
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability
CVE-2022-37958 No No Less Likely Less Likely Important 7.5 6.5
Visual Studio Code Elevation of Privilege Vulnerability
CVE-2022-38020 No No Less Likely Less Likely Important 7.3 6.4
Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-34725 No No More Likely More Likely Important 7.0 6.1
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-35803 No No More Likely More Likely Important 7.8 6.8
CVE-2022-37969 Yes Yes Detected Detected Important 7.8 6.8
Windows Credential Roaming Service Elevation of Privilege Vulnerability
CVE-2022-30170 No No Less Likely Less Likely Important 7.3 6.4
Windows DNS Server Denial of Service Vulnerability
CVE-2022-34724 No No Less Likely Less Likely Important 7.5 6.5
Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability
CVE-2022-34723 No No Less Likely Less Likely Important 5.5 4.8
Windows Distributed File System (DFS) Elevation of Privilege Vulnerability
CVE-2022-34719 No No Less Likely Less Likely Important 7.8 6.8
Windows Enterprise App Management Service Remote Code Execution Vulnerability
CVE-2022-35841 No No Less Likely Less Likely Important 8.8 7.7
Windows Event Tracing Denial of Service Vulnerability
CVE-2022-35832 No No Less Likely Less Likely Important 5.5 4.8
Windows Fax Service Remote Code Execution Vulnerability
CVE-2022-38004 No No Less Likely Less Likely Important 7.8 6.8
Windows GDI Elevation of Privilege Vulnerability
CVE-2022-34729 No No More Likely More Likely Important 7.8 7.0
Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-35837 No No Less Likely Less Likely Important 5.0 4.4
CVE-2022-34728 No No Less Likely Less Likely Important 5.5 4.8
CVE-2022-38006 No No Less Likely Less Likely Important 6.5 5.7
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-37955 No No Less Likely Less Likely Important 7.8 6.8
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-34720 No No Less Likely Less Likely Important 7.5 6.5
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
CVE-2022-34721 No No Less Likely Less Likely Critical 9.8 8.5
CVE-2022-34722 No No Less Likely Less Likely Critical 9.8 8.5
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-33679 No No Less Likely Less Likely Important 8.1 7.3
CVE-2022-33647 No No Less Likely Less Likely Important 8.1 7.1
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37964 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-37956 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-37957 No No More Likely More Likely Important 7.8 6.8
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30200 No No Less Likely Less Likely Important 7.8 6.8
Windows Photo Import API Elevation of Privilege Vulnerability
CVE-2022-26928 No No Less Likely Less Likely Important 7.0 6.1
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-38005 No No Unlikely Unlikely Important 7.8 6.8
Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2022-35831 No No Less Likely Less Likely Important 5.5 4.8
Windows Secure Channel Denial of Service Vulnerability
CVE-2022-30196 No No Less Likely Less Likely Important 8.2 7.1
CVE-2022-35833 No No Less Likely Less Likely Important 7.5 6.5
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2022-34718 No No More Likely More Likely Critical 9.8 8.5

--
Renato Marinho
Morphus Labs| LinkedIn|Twitter

Keywords:
0 comment(s)
ISC Stormcast For Tuesday, September 13th, 2022 https://isc.sans.edu/podcastdetail.html?id=8170

Comments


Diary Archives