2022-10 Microsoft Patch Day

Source: microsoft.com

Today is Microsoft's October 2022 Patch Tuesday, which fixes one actively exploited Windows vulnerability and a total of 84 flaws.

Thirteen of the 84 vulnerabilities fixed in today's update are rated "Critical" because they allow elevation of privilege, spoofing, or remote code execution, one of the most severe types of vulnerabilities.

The numbers above do not include twelve vulnerabilities that were fixed in Microsoft Edge on October 3.

This month's Patch Tuesday fixes two publicly known zero-day vulnerabilities: one is actively exploited in attacks and the other has been publicly disclosed.

Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.

The actively exploited zero-day vulnerability fixed today is tracked as "CVE-2022-41033 - Windows COM+ Event System Service Elevation of Privilege Vulnerability".

"An attacker who successfully exploits this vulnerability can gain SYSTEM privileges," Microsoft's advisory states.

The exploited vulnerability is listed as having been discovered by an "anonymous" researcher.

The publicly disclosed vulnerability is tracked as "CVE-2022-41043 - Microsoft Office Information Disclosure Vulnerability" and was discovered by Cody Thomas of SpecterOps.

According to Microsoft, attackers can use this vulnerability to gain access to users' authentication tokens.

Unfortunately, Microsoft has not released security updates for two actively exploited zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also known as ProxyNotShell.

These vulnerabilities were disclosed at the end of September by the Vietnamese cybersecurity company GTSC, which first discovered and reported the attacks.

The vulnerabilities were reported to Microsoft through Trend Micro's Zero Day Initiative and were expected to be fixed today.

However, today's Microsoft Exchange security bulletin states that the fixes are not yet ready.

"The October 2022 SUs do not contain fixes for the zero-day vulnerabilities publicly reported on September 29, 2022 (CVE-2022-41040 and CVE-2022-41082)," the Microsoft Exchange bulletin states.

"Please read this blog post to apply mitigations for these vulnerabilities. We will release updates for CVE-2022-41040 and CVE-2022-41082 as soon as they are ready."

| Tag | CVE ID | CVE Title | Severity |
| --- | --- | --- | --- |
| Active Directory Domain Services | CVE-2022-38042 | Active Directory Domain Services Elevation of Privilege Vulnerability | Important |
| Azure | CVE-2022-38017 | StorSimple 8000 Series Elevation of Privilege Vulnerability | Important |
| Azure Arc | CVE-2022-37968 | Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability | Critical |
| Client Server Run-time Subsystem (CSRSS) | CVE-2022-37987 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | Important |
| Client Server Run-time Subsystem (CSRSS) | CVE-2022-37989 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | Important |
| Microsoft Edge (Chromium-based) | CVE-2022-3311 | Chromium: CVE-2022-3311 Use after free in Import | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3313 | Chromium: CVE-2022-3313 Incorrect security UI in Full Screen | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3315 | Chromium: CVE-2022-3315 Type confusion in Blink | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3370 | Chromium: CVE-2022-3370 Use after free in Custom Elements | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3373 | Chromium: CVE-2022-3373 Out of bounds write in V8 | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3316 | Chromium: CVE-2022-3316 Insufficient validation of untrusted input in Safe Browsing | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3317 | Chromium: CVE-2022-3317 Insufficient validation of untrusted input in Intents | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3310 | Chromium: CVE-2022-3310 Insufficient policy enforcement in Custom Tabs | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3304 | Chromium: CVE-2022-3304 Use after free in CSS | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-41035 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate |
| Microsoft Edge (Chromium-based) | CVE-2022-3308 | Chromium: CVE-2022-3308 Insufficient policy enforcement in Developer Tools | Unknown |
| Microsoft Edge (Chromium-based) | CVE-2022-3307 | Chromium: CVE-2022-3307 Use after free in Media | Unknown |
| Microsoft Graphics Component | CVE-2022-37986 | Windows Win32k Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-38051 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-37997 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-37985 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-33635 | Windows GDI+ Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2022-38001 | Microsoft Office Spoofing Vulnerability | Important |
| Microsoft Office | CVE-2022-38048 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2022-41043 | Microsoft Office Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-38053 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-41036 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-41038 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2022-41037 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2022-41031 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office Word | CVE-2022-38049 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2022-37982 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| Microsoft WDAC OLE DB provider for SQL | CVE-2022-38031 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
| NuGet Client | CVE-2022-41032 | NuGet Client Elevation of Privilege Vulnerability | Important |
| Remote Access Service Point-to-Point Tunneling Protocol | CVE-2022-37965 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-37979 | Windows Hyper-V Elevation of Privilege Vulnerability | Critical |
| Service Fabric | CVE-2022-35829 | Service Fabric Explorer Spoofing Vulnerability | Important |
| Visual Studio Code | CVE-2022-41042 | Visual Studio Code Information Disclosure Vulnerability | Important |
| Visual Studio Code | CVE-2022-41034 | Visual Studio Code Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2022-41083 | Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Windows Active Directory Certificate Services | CVE-2022-37978 | Windows Active Directory Certificate Services Security Feature Bypass | Important |
| Windows Active Directory Certificate Services | CVE-2022-37976 | Active Directory Certificate Services Elevation of Privilege Vulnerability | Critical |
| Windows ALPC | CVE-2022-38029 | Windows ALPC Elevation of Privilege Vulnerability | Important |
| Windows CD-ROM Driver | CVE-2022-38044 | Windows CD-ROM File System Driver Remote Code Execution Vulnerability | Important |
| Windows COM+ Event System Service | CVE-2022-41033 | Windows COM+ Event System Service Elevation of Privilege Vulnerability | Important |
| Windows Connected User Experiences and Telemetry | CVE-2022-38021 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | Important |
| Windows CryptoAPI | CVE-2022-34689 | Windows CryptoAPI Spoofing Vulnerability | Critical |
| Windows Defender | CVE-2022-37971 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important |
| Windows DHCP Client | CVE-2022-38026 | Windows DHCP Client Information Disclosure Vulnerability | Important |
| Windows DHCP Client | CVE-2022-37980 | Windows DHCP Client Elevation of Privilege Vulnerability | Important |
| Windows Distributed File System (DFS) | CVE-2022-38025 | Windows Distributed File System (DFS) Information Disclosure Vulnerability | Important |
| Windows DWM Core Library | CVE-2022-37970 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows DWM Core Library | CVE-2022-37983 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| Windows Event Logging Service | CVE-2022-37981 | Windows Event Logging Service Denial of Service Vulnerability | Important |
| Windows Group Policy | CVE-2022-37975 | Windows Group Policy Elevation of Privilege Vulnerability | Important |
| Windows Group Policy Preference Client | CVE-2022-37994 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | Important |
| Windows Group Policy Preference Client | CVE-2022-37993 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | Important |
| Windows Group Policy Preference Client | CVE-2022-37999 | Windows Group Policy Preference Client Elevation of Privilege Vulnerability | Important |
| Windows Internet Key Exchange (IKE) Protocol | CVE-2022-38036 | Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | Important |
| Windows Kernel | CVE-2022-37988 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-38037 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-37990 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-38038 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-38039 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-37995 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-37991 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-38022 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Local Security Authority (LSA) | CVE-2022-38016 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
| Windows Local Security Authority Subsystem Service (LSASS) | CVE-2022-37977 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2022-37973 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
| Windows Local Session Manager (LSM) | CVE-2022-37998 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important |
| Windows NTFS | CVE-2022-37996 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| Windows NTLM | CVE-2022-35770 | Windows NTLM Spoofing Vulnerability | Important |
| Windows ODBC Driver | CVE-2022-38040 | Microsoft ODBC Driver Remote Code Execution Vulnerability | Important |
| Windows Perception Simulation Service | CVE-2022-37974 | Windows Mixed Reality Developer Tools Information Disclosure Vulnerability | Important |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-33634 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-22035 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-24504 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-38047 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-41081 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-30198 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-38000 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Portable Device Enumerator Service | CVE-2022-38032 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-38028 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Resilient File System (ReFS) | CVE-2022-38003 | Windows Resilient File System Elevation of Privilege | Important |
| Windows Secure Channel | CVE-2022-38041 | Windows Secure Channel Denial of Service Vulnerability | Important |
| Windows Security Support Provider Interface | CVE-2022-38043 | Windows Security Support Provider Interface Information Disclosure Vulnerability | Important |
| Windows Server Remotely Accessible Registry Keys | CVE-2022-38033 | Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | Important |
| Windows Server Service | CVE-2022-38045 | Server Service Remote Protocol Elevation of Privilege Vulnerability | Important |
| Windows Storage | CVE-2022-38027 | Windows Storage Elevation of Privilege Vulnerability | Important |
| Windows TCP/IP | CVE-2022-33645 | Windows TCP/IP Driver Denial of Service Vulnerability | Important |
| Windows USB Serial Driver | CVE-2022-38030 | Windows USB Serial Driver Information Disclosure Vulnerability | Important |
| Windows Web Account Manager | CVE-2022-38046 | Web Account Manager Information Disclosure Vulnerability | Important |
| Windows Win32K | CVE-2022-38050 | Win32k Elevation of Privilege Vulnerability | Important |
| Windows WLAN Service | CVE-2022-37984 | Windows WLAN Service Elevation of Privilege Vulnerability | Important |
| Windows Workstation Service | CVE-2022-38034 | Windows Workstation Service Elevation of Privilege Vulnerability | Important |