Microsoft’s October 2022 Patch Tuesday Updates

Since its beginnings, Patch Tuesday, the colloquial name for Microsoft’s scheduled release of security fixes on the second Tuesday of every month, has generated a lot of debate. Microsoft has, unfortunately, been playing some practical jokes on us. Microsoft Exchange Server has been found to have many flaws that hackers are exploiting to gain access to user accounts.

As of Patch Tuesday, September 2022, 64 CVE-numbered vulnerabilities across many Microsoft products have been patched, including one zero-day vulnerability (CVE-2022-37969) that has been exploited in the wild.

Security Update Guide

The information provided here is part of an ongoing effort by the Microsoft Security Response Center (MSRC) to assist you in managing security risks and help keep your systems secure. The MSRC analyses all reports of security vulnerabilities impacting Microsoft products and services.

This update contains the following Microsoft Edge-specific update:

Exchange zero-day vulnerabilities

Attacks on Microsoft Exchange Server have persisted after the company disclosed two more zero-day flaws immediately after Patch Tuesday. They exposed the first line of defense against the ProxyNotShell attacks, which exploit the Exchange Server Elevation of Privilege Vulnerability (CVE-2022-41040) and the Exchange Server Remote Code Execution Vulnerability (CVE-2022-41082).

These two CVEs each have a CVSS score of 8.8. The steps to take are outlined in the responses to the most frequently asked questions on the first vulnerability. Recent reports show that these zero-day vulnerabilities may still be exploited, even though Microsoft provided an updated version of a program to apply the necessary mitigation measures. It is crucial that you stay vigilant about these attacks and vulnerabilities as we approach Patch Tuesday next week. As we wait for a certified security update to address the issue, keep a watchful eye on your workstations for any strange behavior.

No more basic authentication for Exchange Online

Microsoft will end support for simple authentication for Exchange Online on October 1st, I stated last month. The Microsoft Exchange Team blog gives a comprehensive chronology of events leading up to the January 2023 shutdown of the service. If you haven’t done so already, I anticipate that you will soon feel compelled to take action.

Windows 7 and R2 are nearing their last supported months of usage. The final Extended Security Update (ESU) will be delivered on January 10, 2023, four months from now. If you still have servers located in the data center, I hope you have a migration strategy in place. Extended Security Updates (ESUs) for Microsoft Server 2012 and 2012 R2 will be published on October 11, 2023, after Patch Tuesday in October 2023. If you want to avoid the exorbitant expenses of ESU maintenance and maybe transition these systems to a contemporary server running Windows 10, you need to begin preparing immediately.

Release Date for Patch Tuesday in October 2022

  • I don’t expect Apple to issue another update next week given that they released a number of key OS security updates in September and I haven’t heard of any critically exploitable flaws.
  • On Wednesday, Google made available for Windows, Mac, and Linux the Extended Stable Channel Upgrade and the Stable Channel Desktop Update 106.0.5249.103. No new information is anticipated till next week.

Weaknesses that should be prioritized

CVE-2022-34718 is a Windows TCP/IP RCE vulnerability that might be triggered without user interaction. CVE-2022-34724 is a Windows DNS Server Denial of Service issue. With a CVSS score of 9.2, it is now officially “wormable.” However, only IPv6-enabled and IPSec-ready systems are susceptible to attack. Despite the fact that this is good news for some, it is probable that individuals who currently use IPv6 also use IPSec (which many people do).

Microsoft has also addressed two Remote Code Execution vulnerabilities (CVE-2022-34721, CVE-2022-34722) in Microsoft’s Internet Key Exchange (IKE) Protocol that might be exploited by sending a specially crafted IP packet to an IPSec-enabled system.
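One way to check a Windows host against the exposure conditions described above (IPv6 enabled, IPSec in use), as an added PowerShell example that is not from the original article or from Microsoft. It assumes "IPSec-ready" means the IKEEXT or PolicyAgent service is running; the function name Get-IPsecIPv6Exposure is hypothetical.

```powershell
# Added example: triage one host for patch priority using the conditions the article states.
# Assumption: "IPSec-ready" is interpreted as the IKEEXT or PolicyAgent service running.
function Get-IPsecIPv6Exposure {
    [CmdletBinding()]
    param()

    # Network adapters that have the IPv6 protocol binding (ms_tcpip6) enabled.
    $ipv6Adapters = @(Get-NetAdapterBinding -ComponentID 'ms_tcpip6' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled })

    # IKEEXT = "IKE and AuthIP IPsec Keying Modules", PolicyAgent = "IPsec Policy Agent".
    $ipsecServices = @(Get-Service -Name 'IKEEXT', 'PolicyAgent' -ErrorAction SilentlyContinue |
        Where-Object { $_.Status -eq 'Running' })

    # Connection security (IPsec) rules currently in effect, for context in the report.
    $ipsecRules = @(Get-NetIPsecRule -PolicyStore ActiveStore -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' })

    $ipv6On  = $ipv6Adapters.Count -gt 0
    $ipsecOn = $ipsecServices.Count -gt 0

    # A host where the preconditions are absent still needs the update;
    # the result only orders the rollout.
    $first = 'preconditions present: patch first'
    $later = 'preconditions absent: patch on normal cycle'

    [pscustomobject]@{
        ComputerName        = $env:COMPUTERNAME
        IPv6Adapters        = $ipv6Adapters.Name -join ', '
        IPsecServicesUp     = $ipsecServices.Name -join ', '
        ActiveIPsecRules    = $ipsecRules.Count
        # Article: only IPv6-enabled and IPSec-ready systems are susceptible.
        'CVE-2022-34718'    = if ($ipv6On -and $ipsecOn) { $first } else { $later }
        # Article: exploitable by a crafted IP packet sent to an IPSec-enabled system.
        'CVE-2022-34721/22' = if ($ipsecOn) { $first } else { $later }
    }
}

Get-IPsecIPv6Exposure | Format-List
```

Run it in an elevated session on each server, or wrap the function in Invoke-Command to collect results from a list of hosts.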

The critical Spectre-BHB (CVE-2022-23960) cache speculation vulnerability affecting Windows 11 on ARM64-based computers has been fixed. Critical updates have been issued for a number of Remote Code Execution vulnerabilities in SharePoint, as well as a PowerPoint RCE exploitable if a user is tricked into downloading and viewing a malicious presentation file.

Azhar Ali Buttar has 20 years of experience working in different domains within the IT industry. From network protocols to server hardening, he knows about multiple areas and has been working side by side with MNCs to provide cost-effective security and infrastructure solutions. Azhar’s expertise lies in off-site and hybrid infrastructure deployment using multiple platforms, including, but not limited to, Azure, AWS, Google and Private Clouds. He has also been leading several infrastructure and security teams to deploy and perform security optimization in multiple projects, and now leads Nocastra with his decision-making and client-oriented skills.