
The Cyber Security News


Three critical vulnerabilities and one zero-day feature in Microsoft’s September Patch Tuesday

September 14, 2022


Microsoft has released 79 patches in total as part of its monthly Patch Tuesday update, addressing three critical-rated vulnerabilities and one actively exploited zero-day.

The update provides markedly fewer fixes than last month’s, which saw 141 flaws fixed, including 17 critical-rated vulnerabilities – the next round of updates of the year.


The updates comprised 64 CVEs affecting Microsoft products and an additional 15 tracked issues affecting the Chromium-based Microsoft Edge browser.

Of the three critical-rated vulnerabilities – those with a severity score of 9.0 or higher on the CVSS v3 scale – the standout flaw affected systems running the IPsec protocol, which encrypts all internet protocol packets in a communication session.

The remote code execution (RCE) vulnerability was marked by Microsoft as “more likely” to be exploited and could allow an unauthenticated attacker to send a specially crafted IPv6 packet to an IPsec-enabled Windows node to achieve code execution.

There is no indication that it has been exploited in the wild, but with the attack complexity considered ‘low’ and no need for any authentication at all, it is regarded as one of the most important issues for IT admins to address urgently.

Of the flaw, tracked as CVE-2022-34718, the Zero Day Initiative (ZDI) said: “This critical-rated bug could allow a remote, unauthenticated attacker to execute code with elevated privileges on affected systems without user interaction.

“That officially puts it into the ‘wormable’ category and earns it a CVSS rating of 9.8. However, only systems with IPv6 enabled and IPsec configured are vulnerable. While good news for some, if you are using IPv6 (as many are), you are probably running IPSec as well. Definitely test and deploy this update quickly.”

The remaining two critical-rated vulnerabilities, both rated 9.8/10 and tracked as CVE-2022-34721 and CVE-2022-34722 respectively, affect the Windows Internet Key Exchange (IKE) and can facilitate RCE.

Similar to the “exploitation more likely” CVE-2022-34718, the two other critical flaws can be exploited remotely and require no privileges in order to exploit.

“The IKE protocol is a component of IPsec used to set up security associations – relationships among devices based on shared security attributes,” said Tenable’s Security Response Team in a blog post.

“These vulnerabilities would allow an unauthenticated, remote attacker to send a specially crafted IP packet to a target with IPsec enabled and achieve remote code execution. IPsec is used to protect sensitive data and is commonly used in virtual private networks.”

The one actively exploited zero-day (CVE-2022-37969) affected a Windows Common Log File System driver and could be used by an attacker to elevate their privileges to SYSTEM level.

It received a lower severity score of 7.8/10 on the CVSS v3 scale because the attacker already needs to have local access to the target’s machine.

This level of code-execution access could be achieved either by getting their hands on the device’s keyboard (physical access) or remotely through methods such as exploitation of another vulnerability or having remote access via remote desktop protocol (RDP), for example.

“Bugs of this nature are often wrapped into some form of social engineering attack, such as convincing someone to open a file or click a link,” said the ZDI. “Once they do, additional code executes with elevated privileges to take over a system.

“Usually, we get little information on how widespread an exploit may be used. However, Microsoft credits four different businesses reporting this bug, so it is likely beyond just targeted attacks.”

The full list of vulnerabilities patched by Microsoft in September’s Patch Tuesday can be found on its dashboard.


Some parts of this article are sourced from:
www.itpro.co.uk
