November’s Microsoft Patch Tuesday is met with only 66 total vulnerabilities, but don’t let that mislead you into thinking this was a quiet month. With a massive 10 critical vulnerabilities as well as 2 publicly disclosed and 6 exploited in the wild it seems this month has much to offer.
November’s instalment includes patches for some key services such as:
This important vulnerability has been found on a popular windows component for hackers, this is the 9th time the Windows Print Spooler component will be patched in 12 months. the latest vulnerability for the windows printer spooler is privilege escalation and has been recorded as being exploited in the wild.
Windows mark of the web is a security feature used to determine files that have been downloaded from untrusted sources. An important vulnerability in this service has led to malicious files bypassing this security feature which would later bypass other security features such as the protected view in Microsoft office. This vulnerability has been publicly disclosed and seen in the wild.
This critical exploited in the wild vulnerability is due to weaknesses in windows scripting languages that would allow for remote code execution for the Jscript9 scripting language. If a user visits a website that is hosted or compromised by an attacker that has been specially crafted, then the attacker could conduct remote code execution on the visitor’s device.
The most severe of the exchange server vulnerabilities patched this month was CVE-2022-41080. With a CVSS of 8.8 and the confirmation from Microsoft that this vulnerability is likely to be exploited, technical details surrounding the vulnerability haven’t been disclosed.
The other exchange vulnerability seen this month are:
For a full list of this month’s updates please see the links below:
Patch Tuesday Release Notes: https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov
Security Update Guide: https://msrc.microsoft.com/update-guide/
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
