TeqGo.com

Patches for 6 zero-days under active exploit are now available from Microsoft

By Staff
November 9, 2022


It’s the second Tuesday of the month, and that means it’s Update Tuesday, the monthly release of security patches available for nearly all software Microsoft supports. This time around, the software maker has fixed six zero-days under active exploit in the wild, along with a wide range of other vulnerabilities that pose a threat to end users.

Two of the zero-days are high-severity vulnerabilities in Exchange that, when used together, allow hackers to execute malicious code on servers. Tracked as CVE-2022-41040 and CVE-2022-41082, these vulnerabilities came to light in September. At the time, researchers in Vietnam reported they had been used to infect on-premises Exchange servers with web shells, the text-based interfaces that allow people to remotely execute commands.

Better known as ProxyNotShell, the vulnerabilities affect on-premises Exchange servers. Shodan searches at the time the zero-days became publicly known showed roughly 220,000 servers were vulnerable. Microsoft said in early October that it was aware of only a single threat actor exploiting the vulnerabilities and that the actor had targeted fewer than 10 organizations. The threat actor is fluent in Simplified Chinese, suggesting it has a nexus to China.

A third zero-day is CVE-2022-41128, a critical Windows vulnerability that also allows a threat actor to execute malicious code remotely. The vulnerability, which works when a vulnerable device accesses a malicious server, was discovered by Clément Lecigne of Google’s Threat Analysis Group. Because TAG tracks hacking backed by nation-states, the discovery likely means that government-backed hackers are behind the zero-day exploits.

Two more zero-days are escalation-of-privilege vulnerabilities, a class of vulnerability that, when paired with a separate vulnerability or used by someone who already has limited system privileges on a device, elevates system rights to those needed to install code, access passwords, and take control of a device. As security in applications and operating systems has improved in the past decade, so-called EoP vulnerabilities have grown in importance.

CVE-2022-41073 affects the Microsoft print spooler, while CVE-2022-41125 resides in the Windows CNG Key Isolation Service. Both EoP vulnerabilities were discovered by the Microsoft Security Threat Intelligence team.

The last zero-day fixed this month is also in Windows. CVE-2022-41091 allows hackers to create malicious files that evade Mark of the Web defenses, which are designed to work with security features such as Protected View in Microsoft Office. Will Dormann, a senior vulnerability analyst at security firm ANALYGENCE, discovered the bypass technique in July.

In all, this month’s Update Tuesday fixed a total of 68 vulnerabilities. Microsoft gave a “critical” severity rating to 11 of them, with the remainder carrying the rating “important.” Patches generally install automatically within about 24 hours. Those who want to install updates immediately can go to Windows > Settings > Updates and Security > Windows Update. Microsoft’s full rundown is here.





© 2021-2023 Teqgo.com
