High Threat Security Alert (A22-09-08): Multiple Vulnerabilities in Microsoft Products (September 2022)

Description:

Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at:
https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep

Reports indicated that an elevation of privilege vulnerability (CVE-2022-37969) in Microsoft Windows and Server is being actively exploited in the wild and the technical details of another information disclosure vulnerability (CVE-2022-23960) in Microsoft Windows 11 was publicly disclosed. In addition, multiple remote code execution vulnerabilities (CVE-2022-34700, CVE-2022-34718, CVE-2022-34721, CVE-2022-34722 and CVE-2022-35805) are also at a high risk of exploitation. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

Affected Systems:

• Microsoft Windows 7, 8.1, RT 8.1, 10, 11
• Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, 2022, 2022 Azure Edition Core Hotpatch
• Microsoft Office 2013, 2013 RT, 2016, 2019, LTSC 2021
• Microsoft 365 Apps for Enterprise
• Microsoft SharePoint Foundation 2013
• Microsoft SharePoint Enterprise Server 2013, 2016
• Microsoft SharePoint Server 2019, Subscription Edition
• Microsoft Visio 2013, 2016
• Microsoft Visual Studio 2019, 2022
• Visual Studio 2022 for Mac version 17.3
• Visual Studio Code
• Microsoft .NET Framework 2.0, 3.0, 3.5, 3.5.1, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
• .NET 6.0
• .NET Core 3.1
• Microsoft Defender for Endpoint for Mac
• Microsoft Dynamics CRM (on-premises) 9.0, 9.1
• AV1 Video Extension
• Azure ARC, Guest Configuration
• Raw Image Extension

Impact:

Depending on the vulnerability exploited, a successful attack could lead to remote code execution, denial of service, elevation of privilege, information disclosure and security feature bypass.

Recommendation:

Patches for affected products are available from the Windows Update / Microsoft Update Catalog. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

More Information:

• https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep
• https://www.hkcert.org/security-bulletin/microsoft-monthly-security-update-september-2022
• https://www.cisa.gov/uscert/ncas/current-activity/2022/09/13/microsoft-releases-september-2022-ecurity-updates
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23960
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26928 (to CVE-2022-26929)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30170
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30196
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30200
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33647
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33679
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34700
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34718 (to CVE-2022-34734)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35803
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35805
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35823
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35828
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35830 (to CVE-2022-35838)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35840 (to CVE-2022-35841)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37954 (to CVE-2022-37959)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37961 (to CVE-2022-37964)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37969
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38004 (to CVE-2022-38011)
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38013
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38019 (to CVE-2022-38020)