November 2022 Patch Tuesday: What Has Been Fixed?
November 2022 Patch Tuesday is a fact, addressing a total of 68 security vulnerabilities. The release contains fixes for a large number of Microsoft products, including:
- .NET Framework
- AMD CPU Branch
- Azure
- Azure Real Time Operating System
- Linux Kernel
- Microsoft Dynamics
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Word
- Network Policy Server (NPS)
- Open Source Software
- Role: Windows Hyper-V
- SysInternals
- Visual Studio
- Windows Advanced Local Procedure Call
- Windows ALPC
- Windows Bind Filter Driver
- Windows BitLocker
- Windows CNG Key Isolation Service
- Windows Devices Human Interface
- Windows Digital Media
- Windows DWM Core Library
- Windows Extensible File Allocation
- Windows Group Policy Preference Client
- Windows HTTP.sys
- Windows Kerberos
- Windows Mark of the Web (MOTW)
- Windows Netlogon
- Windows Network Address Translation (NAT)
- Windows ODBC Driver
- Windows Overlay Filter
- Windows Point-to-Point Tunneling Protocol
- Windows Print Spooler Components
- Windows Resilient File System (ReFS)
- Windows Scripting
- Windows Win32K
Six Zero-Day Vulnerabilities Fixed (CVE-2022-41128)
This month’s Patch Tuesday also contains fixes for a total of six actively exploited zero-days, two of which are the well-known ProxyNotShell bugs:
- CVE-2022-41040 also known as ProxyNotShell, rated 8.8 on CVSS: Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2022-41082 (the other ProxyNotShell issue) with a severity rating of 8.8: Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2022-41128 with a severity rating of 8.8: Windows Scripting Languages Remote Code Execution Vulnerability
- CVE-2022-41125 with a CVSS rating of 7.8: Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- CVE-2022-41073 with a CVSS score of 7.8: Windows Print Spooler Elevation of Privilege Vulnerability
- CVE-2022-41091 with a CVSS score of 5.4): Windows Mark of the Web Security Feature Bypass Vulnerability
What is a zero-day vulnerability?
Broadly said, a zero-day is an unknown exploit in the wild leveraging a vulnerability in software or hardware. The flaw can create various complications before anyone realizes that something is wrong, thus making it “zero-day.” More specifically, a zero-day vulnerability is a software bug that cybercriminals discover prior to the vendor becoming aware of the issue. Since the software vendor is unaware of it, there is no existing patch, making attacks highly possible to take place.
12 of the fixed vulnerabilities have been rated as critical, two – high, and the other 55 flaws are important. Another noteworthy vulnerability is CVE-2022-3723 – a type confusion issue in V8 JavaScript engine in Google Chrome which was reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast earlier this year. Google fixed the issue in an out-of-band patch in October.
“Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates,” Microsoft added in the official advisory.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: