Patch Tuesday

Today is Microsoft's September 2022 Patch Tuesday, and with it come fixes for an actively exploited Windows vulnerability and a total of 63 flaws.

Five of the 63 vulnerabilities fixed in today's update are classified as 'Critical' as they allow remote code execution, one of the most severe types of vulnerabilities.

The number of bugs in each vulnerability category is listed below:

  • 18 Elevation of Privilege Vulnerabilities
  • 1 Security Feature Bypass Vulnerability
  • 30 Remote Code Execution Vulnerabilities
  • 7 Information Disclosure Vulnerabilities
  • 7 Denial of Service Vulnerabilities
  • 16 Edge - Chromium Vulnerabilities

The above counts do not include sixteen vulnerabilities fixed in Microsoft Edge before Patch Tuesday.

For information about the non-security Windows updates, you can read today's Windows 10 KB5017308 and KB5017315 updates and the Windows 11 KB5017328 update.

Two zero-days fixed, one actively exploited

This month's Patch Tuesday fixes two publicly disclosed zero-day vulnerabilities, with one actively exploited in attacks.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

The actively exploited zero-day vulnerability fixed today is tracked as 'CVE-2022-37969 - Windows Common Log File System Driver Elevation of Privilege Vulnerability.'

"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," reads Microsoft's advisory.

The exploited vulnerability was discovered by researchers at DBAPPSecurity, Mandiant, CrowdStrike, and Zscaler.

Mandiant told BleepingComputer that they discovered the zero-day during a proactive Offensive Task Force exploit hunting mission.

“We found this 0Day bug during a proactive Offensive Task Force exploit hunting mission. An escalation of privilege (EOP) exploit was found in the wild, exploiting this Common Log File System (CLFS) vulnerability,” explained Dhanesh Kizhakkinan, Senior Principal Vulnerability Engineer at Mandiant.

“The exploit seems to stand-alone and not part of a chain (like browser + EOP).”

The other publicly disclosed vulnerability is tracked as 'CVE-2022-23960 - Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability.'

The fix is for the Branch History Injection (BHI) speculative execution vulnerability that was disclosed by researchers at VUSec in March.

Recent updates from other companies

Other vendors who released updates in September 2022 include:

The September 2022 Patch Tuesday Security Updates

Below is the complete list of resolved vulnerabilities and released advisories in the September 2022 Patch Tuesday updates. To access the full description of each vulnerability and the systems that it affects, you can view the full report here.

| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET and Visual Studio | CVE-2022-38013 | .NET Core and Visual Studio Denial of Service Vulnerability | Important |
| .NET Framework | CVE-2022-26929 | .NET Framework Remote Code Execution Vulnerability | Important |
| Azure Arc | CVE-2022-38007 | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | Important |
| Cache Speculation | CVE-2022-23960 | Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability | Important |
| HTTP.sys | CVE-2022-35838 | HTTP V3 Denial of Service Vulnerability | Important |
| Microsoft Dynamics | CVE-2022-35805 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | Critical |
| Microsoft Dynamics | CVE-2022-34700 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | Critical |
| Microsoft Edge (Chromium-based) | CVE-2022-3053 | Chromium: CVE-2022-3053 Inappropriate implementation in Pointer Lock | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3047 | Chromium: CVE-2022-3047 Insufficient policy enforcement in Extensions API | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3054 | Chromium: CVE-2022-3054 Insufficient policy enforcement in DevTools | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3041 | Chromium: CVE-2022-3041 Use after free in WebSQL | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3040 | Chromium: CVE-2022-3040 Use after free in Layout | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3046 | Chromium: CVE-2022-3046 Use after free in Browser Tag | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3039 | Chromium: CVE-2022-3039 Use after free in WebSQL | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3045 | Chromium: CVE-2022-3045 Insufficient validation of untrusted input in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3044 | Chromium: CVE-2022-3044 Inappropriate implementation in Site Isolation | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3057 | Chromium: CVE-2022-3057 Inappropriate implementation in iframe Sandbox | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3075 | Chromium: CVE-2022-3075 Insufficient data validation in Mojo | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3058 | Chromium: CVE-2022-3058 Use after free in Sign-In Flow | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3038 | Chromium: CVE-2022-3038 Use after free in Network Service | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3056 | Chromium: CVE-2022-3056 Insufficient policy enforcement in Content Security Policy | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3055 | Chromium: CVE-2022-3055 Use after free in Passwords | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-38012 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Low |
| Microsoft Graphics Component | CVE-2022-37954 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-38006 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-34729 | Windows GDI Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-34728 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-35837 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2022-37962 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-35823 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-38009 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-38008 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-37961 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2022-37963 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Office Visio | CVE-2022-38010 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| Microsoft Windows ALPC | CVE-2022-34725 | Windows ALPC Elevation of Privilege Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2022-38011 | Raw Image Extension Remote Code Execution Vulnerability | Important |
| Microsoft Windows Codecs Library | CVE-2022-38019 | AV1 Video Extension Remote Code Execution Vulnerability | Important |
| Network Device Enrollment Service (NDES) | CVE-2022-37959 | Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | Important |
| Role: DNS Server | CVE-2022-34724 | Windows DNS Server Denial of Service Vulnerability | Important |
| Role: Windows Fax Service | CVE-2022-38004 | Windows Fax Service Remote Code Execution Vulnerability | Important |
| SPNEGO Extended Negotiation | CVE-2022-37958 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability | Important |
| Visual Studio Code | CVE-2022-38020 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2022-35803 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Common Log File System Driver | CVE-2022-37969 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
| Windows Credential Roaming Service | CVE-2022-30170 | Windows Credential Roaming Service Elevation of Privilege Vulnerability | Important |
| Windows Defender | CVE-2022-35828 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | Important |
| Windows Distributed File System (DFS) | CVE-2022-34719 | Windows Distributed File System (DFS) Elevation of Privilege Vulnerability | Important |
| Windows DPAPI (Data Protection Application Programming Interface) | CVE-2022-34723 | Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability | Important |
| Windows Enterprise App Management | CVE-2022-35841 | Windows Enterprise App Management Service Remote Code Execution Vulnerability | Important |
| Windows Event Tracing | CVE-2022-35832 | Windows Event Tracing Denial of Service Vulnerability | Important |
| Windows Group Policy | CVE-2022-37955 | Windows Group Policy Elevation of Privilege Vulnerability | Important |
| Windows IKE Extension | CVE-2022-34722 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | Critical |
| Windows IKE Extension | CVE-2022-34720 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | Important |
| Windows IKE Extension | CVE-2022-34721 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | Critical |
| Windows Kerberos | CVE-2022-33647 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
| Windows Kerberos | CVE-2022-33679 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-37964 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-37956 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-37957 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows LDAP - Lightweight Directory Access Protocol | CVE-2022-30200 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | Important |
| Windows ODBC Driver | CVE-2022-34726 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows ODBC Driver | CVE-2022-34730 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows ODBC Driver | CVE-2022-34727 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows ODBC Driver | CVE-2022-34732 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows ODBC Driver | CVE-2022-34734 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows OLE | CVE-2022-35834 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Important |
| Windows OLE | CVE-2022-35835 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Important |
| Windows OLE | CVE-2022-35836 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Important |
| Windows OLE | CVE-2022-35840 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Important |
| Windows OLE | CVE-2022-34733 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Important |
| Windows OLE | CVE-2022-34731 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | Important |
| Windows Photo Import API | CVE-2022-26928 | Windows Photo Import API Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-38005 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2022-35831 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
| Windows Remote Procedure Call | CVE-2022-35830 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
| Windows TCP/IP | CVE-2022-34718 | Windows TCP/IP Remote Code Execution Vulnerability | Critical |
| Windows Transport Security Layer (TLS) | CVE-2022-35833 | Windows Secure Channel Denial of Service Vulnerability | Important |
| Windows Transport Security Layer (TLS) | CVE-2022-30196 | Windows Secure Channel Denial of Service Vulnerability | Important |
