Advisory for Microsoft Security Update

  • NIC-CERT/2022-10/436
  • Date: 2022-10-12
  • CVE ID: Multiple
  • Severity: Critical

Description:

Microsoft has released its October 2022 Patch Tuesday updates to address vulnerabilities in Microsoft products and services. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Security Issues Fixed:

Microsoft has fixed 84 vulnerabilities with today's update, with thirteen classified as Critical as they allow privilege elevation, spoofing, or remote code execution. This month's Patch Tuesday fixes two zero-day vulnerabilities, one actively exploited in attacks and one publicly disclosed.

| Tag | CVE ID | CVE Title |
|---|---|---|
| Active Directory Domain Services | CVE-2022-38042 | Active Directory Domain Services Elevation of Privilege Vulnerability |
| Azure | CVE-2022-38017 | StorSimple 8000 Series Elevation of Privilege Vulnerability |
| Azure Arc | CVE-2022-37968 | Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability |
| Client Server Run-time Subsystem (CSRSS) | CVE-2022-37987 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability |
| Client Server Run-time Subsystem (CSRSS) | CVE-2022-37989 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability |
| Microsoft Edge (Chromium-based) | CVE-2022-3311 | Chromium: CVE-2022-3311 Use after free in Import |
| Microsoft Edge (Chromium-based) | CVE-2022-3313 | Chromium: CVE-2022-3313 Incorrect security UI in Full Screen |
| Microsoft Edge (Chromium-based) | CVE-2022-3315 | Chromium: CVE-2022-3315 Type confusion in Blink |
| Microsoft Edge (Chromium-based) | CVE-2022-3370 | Chromium: CVE-2022-3370 Use after free in Custom Elements |
| Microsoft Edge (Chromium-based) | CVE-2022-3373 | Chromium: CVE-2022-3373 Out of bounds write in V8 |
| Microsoft Edge (Chromium-based) | CVE-2022-3316 | Chromium: CVE-2022-3316 Insufficient validation of untrusted input in Safe Browsing |
| Microsoft Edge (Chromium-based) | CVE-2022-3317 | Chromium: CVE-2022-3317 Insufficient validation of untrusted input in Intents |
| Microsoft Edge (Chromium-based) | CVE-2022-3310 | Chromium: CVE-2022-3310 Insufficient policy enforcement in Custom Tabs |
| Microsoft Edge (Chromium-based) | CVE-2022-3304 | Chromium: CVE-2022-3304 Use after free in CSS |
| Microsoft Edge (Chromium-based) | CVE-2022-41035 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| Microsoft Edge (Chromium-based) | CVE-2022-3308 | Chromium: CVE-2022-3308 Insufficient policy enforcement in Developer Tools |
| Microsoft Edge (Chromium-based) | CVE-2022-3307 | Chromium: CVE-2022-3307 Use after free in Media |
| Microsoft Graphics Component | CVE-2022-37986 | Windows Win32k Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2022-38051 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2022-37997 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2022-37985 | Windows Graphics Component Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2022-33635 | Windows GDI+ Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2022-38001 | Microsoft Office Spoofing Vulnerability |
| Microsoft Office | CVE-2022-38048 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2022-41043 | Microsoft Office Information Disclosure Vulnerability |
| Microsoft Office SharePoint | CVE-2022-38053 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2022-41036 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2022-41038 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2022-41037 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft Office Word | CVE-2022-41031 | Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office Word | CVE-2022-38049 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL | CVE-2022-37982 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL | CVE-2022-38031 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| NuGet Client | CVE-2022-41032 | NuGet Client Elevation of Privilege Vulnerability |
| Remote Access Service Point-to-Point Tunneling Protocol | CVE-2022-37965 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability |
| Role: Windows Hyper-V | CVE-2022-37979 | Windows Hyper-V Elevation of Privilege Vulnerability |
| Service Fabric | CVE-2022-35829 | Service Fabric Explorer Spoofing Vulnerability |
| Visual Studio Code | CVE-2022-41042 | Visual Studio Code Information Disclosure Vulnerability |
| Visual Studio Code | CVE-2022-41034 | Visual Studio Code Remote Code Execution Vulnerability |
| Visual Studio Code | CVE-2022-41083 | Visual Studio Code Elevation of Privilege Vulnerability |
| Windows Active Directory Certificate Services | CVE-2022-37978 | Windows Active Directory Certificate Services Security Feature Bypass |
| Windows Active Directory Certificate Services | CVE-2022-37976 | Active Directory Certificate Services Elevation of Privilege Vulnerability |
| Windows ALPC | CVE-2022-38029 | Windows ALPC Elevation of Privilege Vulnerability |
| Windows CD-ROM Driver | CVE-2022-38044 | Windows CD-ROM File System Driver Remote Code Execution Vulnerability |
| Windows COM+ Event System Service | CVE-2022-41033 | Windows COM+ Event System Service Elevation of Privilege Vulnerability |
| Windows Connected User Experiences and Telemetry | CVE-2022-38021 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability |
| Windows CryptoAPI | CVE-2022-34689 | Windows CryptoAPI Spoofing Vulnerability |
| Windows Defender | CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability |
| Windows DHCP Client | CVE-2022-38026 | Windows DHCP Client Information Disclosure Vulnerability |
| Windows DHCP Client | CVE-2022-37980 | Windows DHCP Client Elevation of Privilege Vulnerability |
| Windows Distributed File System (DFS) | CVE-2022-38025 | Windows Distributed File System (DFS) Information Disclosure Vulnerability |
| Windows DWM Core Library | CVE-2022-37970 | Windows DWM Core Library Elevation of Privilege Vulnerability |
| Windows DWM Core Library | CVE-2022-37983 | Microsoft DWM Core Library Elevation of Privilege Vulnerability |
| Windows Event Logging Service | CVE-2022-37981 | Windows Event Logging Service Denial of Service Vulnerability |
| Windows Group Policy | CVE-2022-37975 | Windows Group Policy Elevation of Privilege Vulnerability |
| Windows Group Policy Preference Client | CVE-2022-37994 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability |
| Windows Group Policy Preference Client | CVE-2022-37993 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability |
| Windows Group Policy Preference Client | CVE-2022-37999 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability |
| Windows Internet Key Exchange (IKE) Protocol | CVE-2022-38036 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability |
| Windows Kernel | CVE-2022-37988 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-38037 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-37990 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-38038 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-38039 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-37995 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-37991 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2022-38022 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Local Security Authority (LSA) | CVE-2022-38016 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability |
| Windows Local Security Authority Subsystem Service (LSASS) | CVE-2022-37977 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability |
| Windows Local Session Manager (LSM) | CVE-2022-37973 | Windows Local Session Manager (LSM) Denial of Service Vulnerability |
| Windows Local Session Manager (LSM) | CVE-2022-37998 | Windows Local Session Manager (LSM) Denial of Service Vulnerability |
| Windows NTFS | CVE-2022-37996 | Windows Kernel Memory Information Disclosure Vulnerability |
| Windows NTLM | CVE-2022-35770 | Windows NTLM Spoofing Vulnerability |
| Windows ODBC Driver | CVE-2022-38040 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Windows Perception Simulation Service | CVE-2022-37974 | Windows Mixed Reality Developer Tools Information Disclosure Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-33634 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-22035 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-24504 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-38047 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-41081 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-30198 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-38000 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Windows Portable Device Enumerator Service | CVE-2022-38032 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability |
| Windows Print Spooler Components | CVE-2022-38028 | Windows Print Spooler Elevation of Privilege Vulnerability |
| Windows Resilient File System (ReFS) | CVE-2022-38003 | Windows Resilient File System Elevation of Privilege |
| Windows Secure Channel | CVE-2022-38041 | Windows Secure Channel Denial of Service Vulnerability |
| Windows Security Support Provider Interface | CVE-2022-38043 | Windows Security Support Provider Interface Information Disclosure Vulnerability |
| Windows Server Remotely Accessible Registry Keys | CVE-2022-38033 | Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability |
| Windows Server Service | CVE-2022-38045 | Server Service Remote Protocol Elevation of Privilege Vulnerability |
| Windows Storage | CVE-2022-38027 | Windows Storage Elevation of Privilege Vulnerability |
| Windows TCP/IP | CVE-2022-33645 | Windows TCP/IP Driver Denial of Service Vulnerability |
| Windows USB Serial Driver | CVE-2022-38030 | Windows USB Serial Driver Information Disclosure Vulnerability |
| Windows Web Account Manager | CVE-2022-38046 | Web Account Manager Information Disclosure Vulnerability |
| Windows Win32K | CVE-2022-38050 | Win32k Elevation of Privilege Vulnerability |
| Windows WLAN Service | CVE-2022-37984 | Windows WLAN Service Elevation of Privilege Vulnerability |
| Windows Workstation Service | CVE-2022-38034 | Windows Workstation Service Elevation of Privilege Vulnerability |

Refer to the link below for the complete CVE list:

https://msrc.microsoft.com/update-guide/

Solution:
Users are advised to visit the link below and deploy the necessary updates.

https://portal.msrc.microsoft.com/en-us/security-guidance

References:
https://msrc.microsoft.com/update-guide/releaseNote/