{"id":20566,"date":"2022-11-08T19:17:02","date_gmt":"2022-11-09T03:17:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/11\/08\/news-14299\/"},"modified":"2022-11-08T19:17:02","modified_gmt":"2022-11-09T03:17:02","slug":"news-14299","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/11\/08\/news-14299\/","title":{"rendered":"Patch Tuesday, November 2022 Election Edition"},"content":{"rendered":"

Credit to Author: BrianKrebs| Date: Wed, 09 Nov 2022 01:50:14 +0000<\/strong><\/p>\n

Let’s face it: Having \u201c2022 election\u201d in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we’ve patched our Democracy, it seems fitting that Microsoft Corp.<\/strong> today released gobs of security patches for its ubiquitous Windows<\/strong> operating systems. November’s patch batch includes fixes for a whopping six zero-day security vulnerabilities<\/em> that miscreants and malware are already exploiting in the wild.<\/p>\n

\"\"<\/p>\n

Probably the scariest of the zero-day flaws is CVE-2022-41128<\/a>, a “critical” weakness in the Windows scripting languages that could be used to foist malicious software on vulnerable users who do nothing more than browse to a hacked or malicious site that exploits the weakness. Microsoft credits Google<\/strong> with reporting the vulnerability, which earned a CVSS score of 8.8.<\/p>\n

CVE-2022-41073<\/a> is a zero-day flaw in the Windows Print Spooler<\/strong>, a Windows component that Microsoft has patched mightily over the past year. Kevin Breen<\/strong>, director of cyber threat research at Immersive Labs<\/strong>, noted that the print spooler has been a popular target for vulnerabilities in the last 12 months, with this marking the 9th patch.<\/p>\n

The third zero-day Microsoft patched this month is CVE-2022-41125<\/a>, which is an “elevation of privilege” vulnerability in the Windows Cryptography API: Next Generation (CNG) Key Isolation Service, a service for isolating private keys. Satnam Narang<\/strong>, senior staff research engineer at Tenable<\/strong>, said exploitation of this vulnerability could grant an attacker SYSTEM privileges.<\/p>\n

The fourth zero-day, CVE-2022-41091<\/a>, was previously disclosed and widely reported on in October. It is a Security Feature Bypass of \u201cWindows Mark of the Web\u201d \u2013 a mechanism meant to flag files that have come from an untrusted source.<\/span><\/p>\n

The other two zero-day bugs Microsoft patched this month were for vulnerabilities being exploited in Exchange Server<\/strong>. News that these two Exchange flaws were being exploited in the wild surfaced in late September 2022<\/a>, and many were surprised when Microsoft let October’s Patch Tuesday sail by without issuing official patches for them (the company instead issued mitigation instructions that it was forced to revise multiple times). Today’s patch batch addresses both issues.<\/p>\n

Greg Wiseman<\/strong>, product manager at Rapid7<\/strong>, said the Exchange flaw CVE-2022-41040<\/a> is a \u201ccritical\u201d elevation of privilege vulnerability, and CVE-2022-41082<\/a> is considered Important, allowing Remote Code Execution (RCE) when PowerShell is accessible to the attacker.<\/p>\n

“Both vulnerabilities have been exploited in the wild,” Wiseman said. “Four other CVEs affecting Exchange Server have also been addressed this month. Three are rated as Important, and CVE-2022-41080<\/a> is another privilege escalation vulnerability considered Critical. Customers are advised to update their Exchange Server systems immediately, regardless of whether any previously recommended mitigation steps have been applied. The mitigation rules are no longer recommended once systems have been patched.”<\/p>\n

Adobe<\/strong> usually issues security updates for its products on Patch Tuesday, but it did not this month. For a closer look at the patches released by Microsoft today and indexed by severity and other metrics, check out the always-useful Patch Tuesday roundup<\/a>\u00a0from the\u00a0SANS Internet Storm Center<\/strong>. And it\u2019s not a bad idea to hold off updating for a few days until Microsoft works out any kinks in the updates:\u00a0AskWoody.com<\/a>\u00a0usually has the lowdown on any patches that may be causing problems for Windows users.<\/p>\n

As always, please consider backing up your system or at least your important documents and data before applying system updates. And if you run into any problems with these updates, please drop a note about it here in the comments.<\/p>\n

https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: BrianKrebs| Date: Wed, 09 Nov 2022 01:50:14 +0000<\/strong><\/p>\n

Let’s face it: Having \u201c2022 election\u201d in the headline above is probably the only reason anyone might read this story today. Still, while most of us here in the United States are anxiously awaiting the results of how well we’ve patched our Democracy, it seems fitting that Microsoft Corp. today released gobs of security patches for its ubiquitous Windows operating systems. November’s patch batch includes fixes for a whopping six zero-day security vulnerabilities that miscreants and malware are already exploiting in the wild.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[27915,27916,27917,27612,27918,27919,27920,24626,24627,10516,27921,15801,20501,20502,16936,10525,26090],"class_list":["post-20566","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-askwoody","tag-cve-2022-41073","tag-cve-2022-41080","tag-cve-2022-41082","tag-cve-2022-41091","tag-cve-2022-41125","tag-cve-2022-41128","tag-immersive-labs","tag-kevin-breen","tag-microsoft","tag-microsoft-patch-tuesday-november-2022","tag-sans-internet-storm-center","tag-satnam-narang","tag-tenable","tag-time-to-patch","tag-windows","tag-windows-print-spooler"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=20566"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20566\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=20566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=20566"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=20566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}