The Cyber Security News

Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days

November 9, 2022

Microsoft’s latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days.

12 of the issues are rated Critical, two are rated High, and 55 are rated Important in severity. This also includes the weaknesses that were closed out by OpenSSL the previous week.

Also separately addressed at the start of the month is an actively exploited flaw in Chromium-based browsers (CVE-2022-3723) that was plugged by Google as part of an out-of-band update late last month.

“The big information is that two more mature zero-day CVEs affecting Exchange Server, made public at the end of September, have last but not least been fixed,” Greg Wiseman, product manager at Rapid7, said in a statement shared with The Hacker News.

“Prospects are recommended to update their Exchange Server units promptly, regardless of whether any previously recommended mitigation methods have been applied. The mitigation rules are no longer advisable when devices have been patched.”

The list of actively exploited vulnerabilities, which allow for privilege elevation and remote code execution, is as follows –

  • CVE-2022-41040 (CVSS score: 8.8) – Microsoft Exchange Server Elevation of Privilege Vulnerability (aka ProxyNotShell)
  • CVE-2022-41082 (CVSS score: 8.8) – Microsoft Exchange Server Elevation of Privilege Vulnerability (aka ProxyNotShell)
  • CVE-2022-41128 (CVSS score: 8.8) – Windows Scripting Languages Remote Code Execution Vulnerability
  • CVE-2022-41125 (CVSS score: 7.8) – Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
  • CVE-2022-41073 (CVSS score: 7.8) – Windows Print Spooler Elevation of Privilege Vulnerability
  • CVE-2022-41091 (CVSS score: 5.4) – Windows Mark of the Web Security Feature Bypass Vulnerability

Benoît Sevens and Clément Lecigne of Google’s Threat Analysis Group (TAG) have been credited with reporting CVE-2022-41128, which resides in the JScript9 component and occurs when a target is tricked into visiting a specially crafted website.

CVE-2022-41091 is one of the two security bypass flaws in Windows Mark of the Web (MoTW) that came to light in recent months. It was recently found to have been weaponized by the Magniber ransomware actor to target users with fake software updates.

“An attacker can craft a malicious file that would evade Mark of the Web (MotW) defenses, resulting in a constrained loss of integrity and availability of security features such as Protected View in Microsoft Office, which count on MotW tagging,” Microsoft said in an advisory.

The second MotW flaw to be fixed is CVE-2022-41049 (aka ZippyReads). Reported by Analygence security researcher Will Dormann, it relates to a failure to set the Mark of the Web flag on extracted archive files.

The two privilege escalation flaws in Print Spooler and the CNG Key Isolation Service are likely to be abused by threat actors as a follow-up to an initial compromise to gain SYSTEM privileges, Kev Breen, director of cyber threat research at Immersive Labs, said.

“This better amount of access is essential to disable or tamper with security monitoring equipment before running credential attacks with tools like Mimikatz that can permit attackers to go laterally across a network,” Breen added.
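The MotW propagation failure described above can be audited from the defender's side. The following Python example is added here and is not code from the original article or from Microsoft: it parses the `Zone.Identifier` alternate data stream that carries the mark and lists extracted files that did not inherit an untrusted archive's zone. The file names, URLs and stream contents are constructed samples; on Windows/NTFS the hypothetical helper `read_zone_stream` would supply the real stream text.

```python
import configparser

INTERNET_ZONE = 3  # ZoneId 3 = Internet, 4 = Restricted sites


def parse_zone_id(stream_text):
    """Return ZoneId from Zone.Identifier text, or None if absent or malformed."""
    if not stream_text:
        return None
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        parser.read_string(stream_text.lstrip("\ufeff"))
        return parser.getint("ZoneTransfer", "ZoneId")
    except (configparser.Error, ValueError):
        return None


def read_zone_stream(path):
    """Read the Zone.Identifier stream of a file (Windows/NTFS only)."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as fh:
            return fh.read()
    except OSError:
        return None  # no stream, or a filesystem without alternate data streams


def unmarked_extractions(archive_stream, extracted_streams):
    """List extracted files that did not inherit an untrusted archive's zone."""
    archive_zone = parse_zone_id(archive_stream)
    if archive_zone is None or archive_zone < INTERNET_ZONE:
        return []  # the archive itself carries no untrusted mark
    return sorted(
        name for name, stream in extracted_streams.items()
        if (parse_zone_id(stream) or 0) < archive_zone
    )


# Constructed sample data: one marked archive and four files extracted from it.
ARCHIVE_STREAM = ("[ZoneTransfer]\r\nZoneId=3\r\n"
                  "HostUrl=https://downloads.example.test/invoice.zip\r\n")
EXTRACTED = {
    "invoice/readme.txt": "[ZoneTransfer]\r\nZoneId=3\r\n",  # mark inherited
    "invoice/report.docm": None,                             # stream missing
    "invoice/setup.js": "[ZoneTransfer]\r\nZoneId=0\r\n",    # zone downgraded
    "invoice/notes.txt": "ZoneId=3\r\n",                     # malformed stream
}

if __name__ == "__main__":
    for name in unmarked_extractions(ARCHIVE_STREAM, EXTRACTED):
        print("missing or weaker MotW:", name)
```
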

Four other Critical-rated vulnerabilities in the November patch worth pointing out are privilege elevation flaws in Windows Kerberos (CVE-2022-37967), Kerberos RC4-HMAC (CVE-2022-37966), and Microsoft Exchange Server (CVE-2022-41080), and a denial-of-service flaw affecting Windows Hyper-V (CVE-2022-38015).

The list of fixes for Critical flaws is rounded off by four remote code execution vulnerabilities in the Point-to-Point Tunneling Protocol (PPTP), all carrying CVSS scores of 8.1 (CVE-2022-41039, CVE-2022-41088, and CVE-2022-41044), and another impacting Windows scripting languages JScript9 and Chakra (CVE-2022-41118).

In addition to these issues, the Patch Tuesday update also resolves a number of remote code execution flaws in Microsoft Excel, Word, ODBC Driver, Office Graphics, SharePoint Server, and Visual Studio, as well as a number of privilege escalation bugs in Win32k, Overlay Filter, and Group Policy.

Software Patches from Other Vendors

Microsoft aside, security updates have also been released by other vendors since the start of the month to rectify several vulnerabilities, including:

  • AMD
  • Android
  • Apple
  • Cisco
  • Citrix
  • CODESYS
  • Dell
  • F5
  • Fortinet
  • GitLab
  • Google Chrome
  • HP
  • IBM
  • Intel
  • Juniper Networks
  • Linux distributions Debian, Oracle Linux, Red Hat, SUSE, and Ubuntu
  • MediaTek
  • NVIDIA
  • Qualcomm
  • SAP
  • Schneider Electric
  • Siemens
  • Trend Micro
  • VMware, and
  • WordPress

Some parts of this article are sourced from:
thehackernews.com

Copyright © TheCyberSecurity.News, All Rights Reserved.