SOCRadar® Cyber Intelligence Inc. | Microsoft October Patch Tuesday Fixes Actively Exploited Zero Day and 13 Critical Flaws
Oct 12, 2022


Microsoft Patch Tuesday for this month fixes a total of 84 vulnerabilities, including an actively exploited zero-day flaw. All the vulnerabilities are high-severity, with 13 critical ones that could lead to remote code execution, privilege escalation, or spoofing.

The actively exploited zero-day vulnerability, tracked as CVE-2022-41033 (CVSS score: 7.8), is a privilege escalation vulnerability found in the Windows COM+ Event System Service. According to Microsoft’s advisory, successful exploitation of this vulnerability could allow an attacker to gain SYSTEM privileges.

CVE-2022-41043 (CVSS score: 3.3), a Microsoft Office information disclosure vulnerability, was another zero-day. 

The critical vulnerabilities and their details are listed below:

| Affected Service | CVE ID / CVSS | Vulnerability Type |
|---|---|---|
| Azure Arc | CVE-2022-37968 (CVSS score: 10.0) | Elevation of Privilege |
| Microsoft Office SharePoint | CVE-2022-41038 (CVSS score: 8.8) | Remote Code Execution |
| Windows Active Directory Certificate Services | CVE-2022-37976 (CVSS score: 8.8) | Elevation of Privilege |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-41081 (CVSS score: 8.1) | Remote Code Execution |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-33634 (CVSS score: 8.1) | Remote Code Execution |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-22035 (CVSS score: 8.1) | Remote Code Execution |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-24504 (CVSS score: 8.1) | Remote Code Execution |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-38047 (CVSS score: 8.1) | Remote Code Execution |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-30198 (CVSS score: 8.1) | Remote Code Execution |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-38000 (CVSS score: 8.1) | Remote Code Execution |
| Role: Windows Hyper-V | CVE-2022-37979 (CVSS score: 7.8) | Elevation of Privilege |
| Microsoft Office | CVE-2022-38048 (CVSS score: 7.8) | Remote Code Execution |
| Windows CryptoAPI | CVE-2022-34689 (CVSS score: 7.5) | Spoofing |

The complete list contains a total of 20 RCE and 39 privilege escalation flaws. See Microsoft’s release note for a list of updated products.

Two Actively Exploited Zero-Days Are Not Fixed Yet 

Unfortunately, Microsoft has not yet released security fixes for two actively exploited zero-day vulnerabilities identified as CVE-2022-41040 and CVE-2022-41082, also known as ProxyNotShell.

Mitigations for those vulnerabilities are described in this blog post. As soon as fixes are available, Microsoft will release updates for CVE-2022-41040 and CVE-2022-41082.

Complete List of Patched Vulnerabilities

Azure Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-37968 | Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability | No | No | 10 | Yes |
| CVE-2022-38017 | StorSimple 8000 Series Elevation of Privilege Vulnerability | No | No | 6.8 | Yes |
| CVE-2022-35829 | Service Fabric Explorer Spoofing Vulnerability | No | No | 6.2 | Yes |

Microsoft Office Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-41038 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-41036 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-41037 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-38053 | Microsoft SharePoint Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-41031 | Microsoft Word Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38048 | Microsoft Office Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38049 | Microsoft Office Graphics Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38001 | Microsoft Office Spoofing Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-41043 | Microsoft Office Information Disclosure Vulnerability | No | Yes | 3.3 | Yes |

Developer Tools Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-41083 | Visual Studio Code Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-41032 | NuGet Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-41034 | Visual Studio Code Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-41042 | Visual Studio Code Information Disclosure Vulnerability | No | No | 7.4 | Yes |

Browser Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-41035 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-3373 | Chromium: CVE-2022-3373 Out of bounds write in V8 | No | No | N/A | Yes |
| CVE-2022-3370 | Chromium: CVE-2022-3370 Use after free in Custom Elements | No | No | N/A | Yes |
| CVE-2022-3317 | Chromium: CVE-2022-3317 Insufficient validation of untrusted input in Intents | No | No | N/A | Yes |
| CVE-2022-3316 | Chromium: CVE-2022-3316 Insufficient validation of untrusted input in Safe Browsing | No | No | N/A | Yes |
| CVE-2022-3315 | Chromium: CVE-2022-3315 Type confusion in Blink | No | No | N/A | Yes |
| CVE-2022-3313 | Chromium: CVE-2022-3313 Incorrect security UI in Full Screen | No | No | N/A | Yes |
| CVE-2022-3311 | Chromium: CVE-2022-3311 Use after free in Import | No | No | N/A | Yes |
| CVE-2022-3310 | Chromium: CVE-2022-3310 Insufficient policy enforcement in Custom Tabs | No | No | N/A | Yes |
| CVE-2022-3308 | Chromium: CVE-2022-3308 Insufficient policy enforcement in Developer Tools | No | No | N/A | Yes |
| CVE-2022-3307 | Chromium: CVE-2022-3307 Use after free in Media | No | No | N/A | Yes |
| CVE-2022-3304 | Chromium: CVE-2022-3304 Use after free in CSS | No | No | N/A | Yes |

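System Center Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability | No | No | 7.1 | Yes |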

Windows Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-38016 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-38045 | Server Service Remote Protocol Elevation of Privilege Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-37984 | Windows WLAN Service Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38003 | Windows Resilient File System Elevation of Privilege | No | No | 7.8 | Yes |
| CVE-2022-38028 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38039 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37995 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37979 | Windows Hyper-V Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37970 | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37980 | Windows DHCP Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38050 | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37983 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37998 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | No | No | 7.7 | Yes |
| CVE-2022-37973 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | No | No | 7.7 | Yes |
| CVE-2022-38036 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2022-38027 | Windows Storage Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-38021 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-37974 | Windows Mixed Reality Developer Tools Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-38046 | Web Account Manager Information Disclosure Vulnerability | No | No | 6.2 | Yes |
| CVE-2022-37965 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | No | No | 5.9 | Yes |
| CVE-2022-37996 | Windows Kernel Memory Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-38025 | Windows Distributed File System (DFS) Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-38030 | Windows USB Serial Driver Information Disclosure Vulnerability | No | No | 4.3 | Yes |

Windows ESU Vulnerabilities

| CVE | Title | Exploited | Publicly Disclosed | CVSSv3 | Has FAQ |
|---|---|---|---|---|---|
| CVE-2022-37982 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-38031 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-38040 | Microsoft ODBC Driver Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-37976 | Active Directory Certificate Services Elevation of Privilege Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-30198 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-22035 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-24504 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-33634 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-38047 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-38000 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-41081 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-37986 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37988 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38037 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38038 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37990 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37991 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37999 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37993 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37994 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37975 | Windows Group Policy Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-38051 | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37997 | Windows Graphics Component Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-33635 | Windows GDI+ Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37987 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-37989 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-41033 | Windows COM+ Event System Service Elevation of Privilege Vulnerability | Yes | No | 7.8 | Yes |
| CVE-2022-38044 | Windows CD-ROM File System Driver Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-33645 | Windows TCP/IP Driver Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2022-38041 | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2022-34689 | Windows CryptoAPI Spoofing Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-37978 | Windows Active Directory Certificate Services Security Feature Bypass | No | No | 7.5 | Yes |
| CVE-2022-38042 | Active Directory Domain Services Elevation of Privilege Vulnerability | No | No | 7.1 | Yes |
| CVE-2022-38029 | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-38033 | Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-35770 | Windows NTLM Spoofing Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-37977 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | No | No | 6.5 | No |
| CVE-2022-38032 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | No | No | 5.9 | Yes |
| CVE-2022-38043 | Windows Security Support Provider Interface Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-37985 | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-38026 | Windows DHCP Client Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-38034 | Windows Workstation Service Elevation of Privilege Vulnerability | No | No | 4.3 | Yes |
| CVE-2022-37981 | Windows Event Logging Service Denial of Service Vulnerability | No | No | 4.3 | Yes |
| CVE-2022-38022 | Windows Kernel Elevation of Privilege Vulnerability | No | No | 2.5 | Yes |