Microsoft October 2022 Patch Tuesday

Microsoft has released its monthly set of security updates, known as Patch Tuesday, which fixes two zero-day vulnerabilities: one actively exploited in attacks and one publicly disclosed. Microsoft has fixed 84 vulnerabilities (not including Microsoft Edge vulnerabilities), with 13 classified as Critical as they allow privilege elevation, spoofing, or remote code execution.

October’s Patch Tuesday was released to fix security flaws in some products such as Active Directory Domain Services, Azure, Microsoft Edge (Chromium-based), Microsoft Office, Remote Access Service Point-to-Point Tunneling Protocol, Windows Active Directory Certificate Services, Windows Defender, Windows DHCP Client, Windows Event Logging Service, Windows Group Policy, Windows Kernel, Windows Secure Channel, Windows TCP/IP, and Windows Workstation Service.

The actively exploited zero-day vulnerability, tracked as CVE-2022-41033, is a flaw in the COM+ Event System Service that could allow an attacker to gain SYSTEM privileges by executing a specially crafted program.

The other zero-day vulnerability, tracked as CVE-2022-41043, is a Microsoft Office information disclosure vulnerability that could allow an attacker to disclose sensitive information (user tokens) to launch further attacks.

Samples of the addressed vulnerabilities:

1. Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability (CVE-2022-37968):

  • CVSS: 10
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Consequences: Gain Privileges

2. Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2022-41038):

  • CVSS: 8.8
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Consequences: Gain Access

3. Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2022-37976):

  • CVSS: 8.8
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Consequences: Gain Privileges

Vulnerabilities

The full list of vulnerabilities can be found at the link below:

https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct

Mitigations

The enterprise should deploy this patch as soon as the testing phase is completed.

https://msrc.microsoft.com/update-guide/releaseNote/2022-Oct
