September 2022 Patch Tuesday « Giveaway of the Day Forums

Back to Giveaway of the Day

Giveaway of the Day Forums » Technical notes

September 2022 Patch Tuesday

(2 posts) (1 voice)

Started 2 years ago by mikiem2
Latest reply from mikiem2

mikiem2
Moderator

zdnet[.]com/article/microsoft-patch-tuesday-64-new-vulnerabilities-including-five-critical-ones/

Fewer fixes than last month, with one vulnerability being actively exploited. No wide spread problems So Far.

The one exploited CVE disclosed on Patch Tuesday impacts the Windows Common Log File System Driver. To exploit it, the attacker must already have access to the system and the ability to run code on it. It allows the attacker to gain new privileges, thereby enabling them to run an attack.

"Bugs of this nature are often wrapped into some form of social engineering attack, such as convincing someone to open a file or click a link," Zero Day Initiative notes. "Once they do, additional code executes with elevated privileges to take over a system."

Microsoft acknowledged researchers from DBAPPSecurity, Mandiant, CrowdStrike and Zscaler for identifying this vulnerability.

The five critical CVEs disclosed on Tuesday were all Remote Code Execution (RCE) vulnerabilities. Of those, two impact on-premise versions of Microsoft Dynamics 365. These CVEs let an authenticated user run a specially crafted trusted solution package to execute arbitrary SQL commands. From there, the attacker could escalate and execute commands as db_owner within their Dynamics 365 database.

Two more of the critical CVEs impact Windows Internet Key Exchange (IKE) Protocol Extensions, allowing an unauthenticated attacker to send a specially crafted IP packet to a target machine.

The last critical CVE impacts Windows TCP/IP, allowing an unauthenticated attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled.

Posted 2 years ago #
mikiem2
Moderator

Problems are starting to crop up [of course]...

I have a Win10 32-bit VM enrolled in the Insider program that I used to capture the 32-bit setup .wim files years ago for use with a tablet -- Microsoft changed how Windows performs upgrades so this hasn't worked for years -- and I've kept it going just to maintain the original free license [Win10 Betas came with a free license that's still valid today]. This month's update would not install, though I'm not sure if that's a problem with the update or just another case of Microsoft not showing the 32-bit version of Win10 any love -- experience over the years suggest they loath it.

Bleeping Computer says that the update causes problems with Group Policy that effect IT admins but not individual users. And some folks are having Windows hang when they reboot [restart] after the update -- something that apparently happened with August's update too (?).

bleepingcomputer[.]com/news/microsoft/windows-10-kb5017308-causing-issues-with-group-policy-settings/

answers.microsoft[.]com/en-us/windows/forum/all/windows-10-update-kb5016616-and-kb5017308-hang-on/8722de52-46ca-44ed-af4f-281b9f57a225

Posted 2 years ago #

RSS feed for this topic

Reply

You must log in to post.