September Patch Tuesday Fixes Actively Exploited Zero Day and RCE Flaws
Microsoft’s September Patch Tuesday update includes fixes for 63 vulnerabilities. There are five high-severity remote code execution vulnerabilities along with an actively exploited zero-day vulnerability.
Products that include the critical RCE vulnerabilities are as follows:
- Microsoft Dynamics (CVSS: 8.8): CVE-2022-34700 and CVE-2022-35805
- Windows IKE Extension (CVSS: 9.8): CVE-2022-34721 and CVE-2022-34722
- Windows TCP/IP (CVSS: 9.8): CVE-2022-34718
There are a total of 30 RCE and 18 privilege escalation flaws on the complete list. For a list of updated products, see Microsoft’s release note.
Details of the Zero-Day
The actively exploited zero-day patched in this release is identified as “Windows Common Log File System Driver Elevation of Privilege Vulnerability” (CVE-2022-37969). An attacker who successfully exploits this vulnerability could gain SYSTEM privileges.
The attacker must already have access to the target system and be able to run code on it. If the attacker does not already have that capability on the target machine, this vulnerability does not permit remote code execution.
Microsoft did not share information about the attacks that made use of this vulnerability. It is currently unclear whether it was exploited manually by threat actors or by malware.
For reporting this vulnerability, Microsoft credited Quan Jin with DBAPPSecurity, Genwei Jiang with Mandiant, Flare OTF, CrowdStrike, and Zscaler ThreatLabz.
The other publicly disclosed vulnerability is an Arm Cache Speculation Restriction problem, identified as CVE-2022-23960.
Apply the Patches
Update your Microsoft products with the latest security patches to avoid any risks.
Microsoft also released Windows updates KB5017308, KB5017315, and KB5017328 for additional non-security-related fixes and enhanced performance.
Check Microsoft’s Security Update Guide to see all updates available.
The list of vulnerabilities in September Patch Tuesday:
| Tag | CVE ID |
| --- | --- |
| .NET and Visual Studio | |
| .NET Framework | |
| Azure Arc | |
| Cache Speculation | |
| HTTP.sys | |
| Microsoft Dynamics | |
| Microsoft Dynamics | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Edge (Chromium-based) | |
| Microsoft Graphics Component | |
| Microsoft Graphics Component | |
| Microsoft Graphics Component | |
| Microsoft Graphics Component | |
| Microsoft Graphics Component | |
| Microsoft Office | |
| Microsoft Office SharePoint | |
| Microsoft Office SharePoint | |
| Microsoft Office SharePoint | |
| Microsoft Office SharePoint | |
| Microsoft Office Visio | |
| Microsoft Office Visio | |
| Microsoft Windows ALPC | |
| Microsoft Windows Codecs Library | |
| Microsoft Windows Codecs Library | |
| Network Device Enrollment Service (NDES) | |
| Role: DNS Server | |
| Role: Windows Fax Service | |
| SPNEGO Extended Negotiation | |
| Visual Studio Code | |
| Windows Common Log File System Driver | |
| Windows Common Log File System Driver | |
| Windows Credential Roaming Service | |
| Windows Defender | |
| Windows Distributed File System (DFS) | |
| Windows Data Protection Application Programming Interface | |
| Windows Enterprise App Management | |
| Windows Event Tracing | |
| Windows Group Policy | |
| Windows IKE Extension | |
| Windows IKE Extension | |
| Windows IKE Extension | |
| Windows Kerberos | |
| Windows Kerberos | |
| Windows Kernel | |
| Windows Kernel | |
| Windows Kernel | |
| Windows LDAP – Lightweight Directory Access Protocol | |
| Windows ODBC Driver | |
| Windows ODBC Driver | |
| Windows ODBC Driver | |
| Windows ODBC Driver | |
| Windows ODBC Driver | |
| Windows OLE | |
| Windows OLE | |
| Windows OLE | |
| Windows OLE | |
| Windows OLE | |
| Windows OLE | |
| Windows Photo Import API | |
| Windows Print Spooler Components | |
| Windows Remote Access Connection Manager | |
| Windows Remote Procedure Call | |
| Windows TCP/IP | |
| Windows Transport Security Layer (TLS) | |
| Windows Transport Security Layer (TLS) | |