Microsoft Patch Tuesday updates fix 6 actively exploited zero-days

Pierluigi Paganini November 09, 2022

Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days.

Microsoft Patch Tuesday updates for November 2022 addressed 64 new vulnerabilities in Microsoft Windows and Windows Components; Azure and Azure Real Time Operating System; Microsoft Dynamics; Exchange Server; Office and Office Components; SysInternals; Visual Studio; SharePoint Server; Network Policy Server (NPS); Windows BitLocker; and Linux Kernel and Open Source Software.

11 vulnerabilities are rated as Critical and 53 are rated Important in severity. This month Microsoft addressed a couple of vulnerabilities in MS Exchange that are currently being exploited in the wild.

“They were expected last month, but they are finally here (along with several other Exchange fixes). These bugs were purchased by the ZDI at the beginning of September and reported to Microsoft at the time. At some point later, they were detected in the wild. Microsoft has released several different mitigation recommendations, but the best advice is to test and deploy these fixes.” reads the announcement published by ZDI. “There were some who doubted these patches would release this month, so it’s good to see them here.”

The following vulnerabilities are actively exploited:

  • CVE-2022-41028 – Microsoft Exchange Server Remote Code Execution Vulnerability
    CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability
  • CVE-2022-41128 – Windows Scripting Languages Remote Code Execution Vulnerability
  • CVE-2022-41091 – Windows Mark of the Web Security Feature Bypass Vulnerability
  • CVE-2022-41073 – Windows Print Spooler Elevation of Privilege Vulnerability
  • CVE-2022-41125 – Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

“These vulnerabilities affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities addressed in these SUs and do not need to take any action other than updating any Exchange servers in their environment.” reads the advisory published by Microsoft. “Mitigations are not actual code fixes of specific vulnerabilities. Please install the November 2022 (or later) SU on your Exchange servers to address CVE-2022-41040 and CVE-2022-41082.”

The complete list of vulnerabilities addressed with the release of Patch Tuesday updates for November 2022 is available here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment