Vulnerabilities/Malwares

Microsoft patched 2 zero-days, 49 flaws

Published

on

Microsoft’s December 2022 Patch Tuesday comes with fixes for 49 vulnerabilities, including two zero-day vulnerabilities and one that has been actively exploited.

Because they permit remote code execution, one of the most severe vulnerabilities, six of the 49 vulnerabilities fixed in today’s update are categorized as “Critical.”

The following is a list of the number of vulnerabilities in each category:

19 Elevation of Privilege Vulnerabilities, 2 Security Feature Bypass Vulnerabilities, 23 Remote Code Execution Vulnerabilities, 3 Information Disclosure Vulnerabilities, 3 Denial of Service Vulnerabilities, and 1 Spoofing Vulnerability

Read today’s articles on the Windows 10 KB5021233 and KB5021237 updates and the Windows 11 KB5021255 and KB5021234 updates for information about non-security Windows updates.

Two zero-day vulnerabilities are fixed in this month’s Patch Tuesday, one of which has been actively exploited and the other has been made public.

If a vulnerability is publicly disclosed or actively exploited and there is no official fix, Microsoft considers it to be a zero-day vulnerability.

Today’s updates address the zero-day vulnerability that was publicly disclosed and actively exploited:

Will Dormann discovered the Windows SmartScreen Security Feature Bypass Vulnerability, CVE-2022-44698.

“An attacker can create a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and the availability of Microsoft Office security features like Protected View, which rely on MOTW tagging.”

Threat actors took advantage of this vulnerability by creating malicious JavaScript files that ran on their own and were signed with a wrong signature.
When signed in this way, SmartCheck would fail and not show any security warnings about the Mark of the Web, allowing the malware to run and install itself automatically.

Numerous malware distribution campaigns, including those that spread the QBot trojan and Magniber Ransomware, actively took advantage of this vulnerability.

The additional flaw that has been made public is:

Luka Pribani discovered the DirectX Graphics Kernel Elevation of Privilege Vulnerability (CVE-2022-44710).

“For this vulnerability to be exploited successfully, an attacker must win a race condition. SYSTEM privileges could be gained by an attacker who successfully exploits this vulnerability.

Below is the complete list of resolved vulnerabilities and released advisories in the December 2022 Patch Tuesday updates

Tag CVE ID CVE Title Severity
.NET Framework CVE-2022-41089 .NET Framework Remote Code Execution Vulnerability Important
Azure CVE-2022-44699 Azure Network Watcher Agent Security Feature Bypass Vulnerability Important
Client Server Run-time Subsystem (CSRSS) CVE-2022-44673 Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability Important
Microsoft Bluetooth Driver CVE-2022-44675 Windows Bluetooth Driver Elevation of Privilege Vulnerability Important
Microsoft Bluetooth Driver CVE-2022-44674 Windows Bluetooth Driver Information Disclosure Vulnerability Important
Microsoft Dynamics CVE-2022-41127 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability Critical
Microsoft Edge (Chromium-based) CVE-2022-4192 Chromium: CVE-2022-4192 Use after free in Live Caption Unknown
Microsoft Edge (Chromium-based) CVE-2022-4193 Chromium: CVE-2022-4193 Insufficient policy enforcement in File System API Unknown
Microsoft Edge (Chromium-based) CVE-2022-4190 Chromium: CVE-2022-4190 Insufficient data validation in Directory Unknown
Microsoft Edge (Chromium-based) CVE-2022-4191 Chromium: CVE-2022-4191 Use after free in Sign-In Unknown
Microsoft Edge (Chromium-based) CVE-2022-4194 Chromium: CVE-2022-4194 Use after free in Accessibility Unknown
Microsoft Edge (Chromium-based) CVE-2022-41115 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2022-44688 Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate
Microsoft Edge (Chromium-based) CVE-2022-4195 Chromium: CVE-2022-4195 Insufficient policy enforcement in Safe Browsing Unknown
Microsoft Edge (Chromium-based) CVE-2022-44708 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Important
Microsoft Edge (Chromium-based) CVE-2022-4181 Chromium: CVE-2022-4181 Use after free in Forms Unknown
Microsoft Edge (Chromium-based) CVE-2022-4180 Chromium: CVE-2022-4180 Use after free in Mojo Unknown
Microsoft Edge (Chromium-based) CVE-2022-4174 Chromium: CVE-2022-4174 Type Confusion in V8 Unknown
Microsoft Edge (Chromium-based) CVE-2022-4182 Chromium: CVE-2022-4182 Inappropriate implementation in Fenced Frames Unknown
Microsoft Edge (Chromium-based) CVE-2022-4179 Chromium: CVE-2022-4179 Use after free in Audio Unknown
Microsoft Edge (Chromium-based) CVE-2022-4178 Chromium: CVE-2022-4178 Use after free in Mojo Unknown
Microsoft Edge (Chromium-based) CVE-2022-4175 Chromium: CVE-2022-4175 Use after free in Camera Capture Unknown
Microsoft Edge (Chromium-based) CVE-2022-4177 Chromium: CVE-2022-4177 Use after free in Extensions Unknown
Microsoft Edge (Chromium-based) CVE-2022-4187 Chromium: CVE-2022-4187 Insufficient policy enforcement in DevTools Unknown
Microsoft Edge (Chromium-based) CVE-2022-4185 Chromium: CVE-2022-4185 Inappropriate implementation in Navigation Unknown
Microsoft Edge (Chromium-based) CVE-2022-4188 Chromium: CVE-2022-4188 Insufficient validation of untrusted input in CORS Unknown
Microsoft Edge (Chromium-based) CVE-2022-4189 Chromium: CVE-2022-4189 Insufficient policy enforcement in DevTools Unknown
Microsoft Edge (Chromium-based) CVE-2022-4186 Chromium: CVE-2022-4186 Insufficient validation of untrusted input in Downloads Unknown
Microsoft Edge (Chromium-based) CVE-2022-4183 Chromium: CVE-2022-4183 Insufficient policy enforcement in Popup Blocker Unknown
Microsoft Edge (Chromium-based) CVE-2022-4184 Chromium: CVE-2022-4184 Insufficient policy enforcement in Autofill Unknown
Microsoft Graphics Component CVE-2022-26805 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2022-26804 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2022-47213 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2022-44697 Windows Graphics Component Elevation of Privilege Vulnerability Moderate
Microsoft Graphics Component CVE-2022-41121 Windows Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2022-44671 Windows Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2022-47212 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2022-26806 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2022-47211 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2022-41074 Windows Graphics Component Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2022-44679 Windows Graphics Component Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2022-44680 Windows Graphics Component Elevation of Privilege Vulnerability Important
Microsoft Office CVE-2022-44692 Microsoft Office Graphics Remote Code Execution Vulnerability Important
Microsoft Office OneNote CVE-2022-44691 Microsoft Office OneNote Remote Code Execution Vulnerability Important
Microsoft Office Outlook CVE-2022-24480 Outlook for Android Elevation of Privilege Vulnerability Important
Microsoft Office Outlook CVE-2022-44713 Microsoft Outlook for Mac Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2022-44690 Microsoft SharePoint Server Remote Code Execution Vulnerability Critical
Microsoft Office SharePoint CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability Critical
Microsoft Office Visio CVE-2022-44696 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2022-44695 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Office Visio CVE-2022-44694 Microsoft Office Visio Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2022-44668 Windows Media Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2022-44667 Windows Media Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2022-44687 Raw Image Extension Remote Code Execution Vulnerability Important
Role: Windows Hyper-V CVE-2022-41094 Windows Hyper-V Elevation of Privilege Vulnerability Important
Role: Windows Hyper-V CVE-2022-44682 Windows Hyper-V Denial of Service Vulnerability Important
SysInternals CVE-2022-44704 Microsoft Windows Sysmon Elevation of Privilege Vulnerability Important
Windows Certificates ADV220005 Guidance on Microsoft Signed Drivers Being Used Maliciously None
Windows Contacts CVE-2022-44666 Windows Contacts Remote Code Execution Vulnerability Important
Windows DirectX CVE-2022-44710 DirectX Graphics Kernel Elevation of Privilege Vulnerability Important
Windows Error Reporting CVE-2022-44669 Windows Error Reporting Elevation of Privilege Vulnerability Important
Windows Fax Compose Form CVE-2022-41077 Windows Fax Compose Form Elevation of Privilege Vulnerability Important
Windows HTTP Print Provider CVE-2022-44678 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2022-44707 Windows Kernel Denial of Service Vulnerability Important
Windows Kernel CVE-2022-44683 Windows Kernel Elevation of Privilege Vulnerability Important
Windows PowerShell CVE-2022-41076 PowerShell Remote Code Execution Vulnerability Critical
Windows Print Spooler Components CVE-2022-44681 Windows Print Spooler Elevation of Privilege Vulnerability Important
Windows Projected File System CVE-2022-44677 Windows Projected File System Elevation of Privilege Vulnerability Important
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-44670 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-44676 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows SmartScreen CVE-2022-44698 Windows SmartScreen Security Feature Bypass Vulnerability Moderate
Windows Subsystem for Linux CVE-2022-44689 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability Important
Windows Terminal CVE-2022-44702 Windows Terminal Remote Code Execution Vulnerability Important

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending

Exit mobile version