WARNING: MICROSOFT PATCH TUESDAY NOVEMBER 2022 PATCHES 62 VULNERABILITIES (9 CRITICAL, 6 ACTIVELY EXPLOITED)
Number of CVEs per type
- 26 Elevation of Privilege Vulnerabilities
- 15 Remote Code Execution Vulnerabilities
- 8 Information Disclosure Vulnerabilities
- 6 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
- 4 Security Feature Bypass Vulnerabilities
This month’s Patch Tuesday includes 9 critical and 6 actively exploited 0-day vulnerabilities.
- Microsoft Exchange Server Elevation of Privilege Vulnerability
This is a Privilege Escalation vulnerability with a CVSS Base Score of 8.8 affecting Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 11 and Microsoft Exchange Server 2019 Cumulative Update 12.
Technical details to exploit this vulnerability are unknown, but the and successful exploitation is more likely.
- Windows Scripting Languages Remote Code Execution Vulnerability
This is an vulnerability affecting the JScript9 scripting language which has a CVSS Base Score of 8.8.
The attack can be initiated remotely: an attacker has to convince a victim to visit a server share or website they host, typically by way of an enticement in an email or chat message.
, and - Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerabilities
These have a CVSS Base Score of 8.1 and affect the Windows Point-to-Point Tunneling Protocol (PPTP).
An unauthenticated attacker can send a crafted request to a RAS (Remote Access Server), that can lead to remote code execution. These three vulnerabilities are less likely to be exploited, as the attacker must win a complex race condition.
- Windows Kerberos Elevation of Privilege Vulnerability
This Privilege Escalation vulnerability has a CVSS Base Score of 8.1 and the .
An attacker can leverage cryptographic protocol vulnerabilities in the Windows Kerberos AES-SHA1 cipher suite to gain control over a service that is allowed for delegation and modify the Kerberos PAC (Privilege Attribute Certificate) to elevate their privileges.
- Windows Print Spooler Elevation of Privilege Vulnerability
The Privilege Escalation vulnerability affects the Windows Print Spooler service and has a CVSS Base Score of 7.8.
This flaw is being and allows a low privileged user to gain SYSTEM level privileges.
- Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
This is yet another Privilege Escalation vulnerability, with a CVSS Base Score of 7.8, which is known to be exploited in the wild.
The vulnerability affects the Windows Cryptography Next Generation (CNG) Key Isolation Service used for Windows cryptographic support and operations. Successful exploitation allows an attacker to gain SYSTEM privileges.
- Windows Mark of the Web Security Feature Bypass Vulnerability
The vulnerability is a
By crafting a malicious file, an attacker can evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features, such as Protected View in Microsoft Office, which rely on MOTW tagging.
and - Microsoft Exchange Server Elevation of Privilege and Microsoft Exchange Server Remote Code Execution Vulnerability
It is worth noting that these two , discovered at the end of September 2022, are now patched with this month’s security updates.
The CCB recommends installing updates for vulnerable devices with the highest priority, after thorough testing.