Microsoft recently published its October 2022 Patch Tuesday bulletin. The bulletin includes a fix for an actively exploited Windows vulnerability. Besides this Windows vulnerability, 83 other flaws were listed.
Of the 84 vulnerabilities, 13 are rated ‘critical.’ Between them, they permit privilege elevation, remote code execution, or spoofing.
Another 69 vulnerabilities are rated ‘important.’ Only one is rated ‘moderate.’
“This patch fixes a security vulnerability that Microsoft stated is under active attack. However, it is not clear how severe these attacks are. Due to the nature of this vulnerability, a privilege escalation that often engages some social engineering (e.g., requiring the user to open a malicious attachment), history shows that it potentially needs to be chained with a code execution bug to exploit,” says Saeed Abbasi, Manager, Vulnerability Signatures, Qualys.
Interestingly, the new update does not include a patch for a vulnerability Microsoft mentioned almost two weeks ago. The vulnerability is related to ProxyNotShell in Exchange Server and is tracked as CVE-2022-41040.
Furthermore, this patch fixed two zero-day vulnerabilities. The first one is a ‘Windows COM+ Event System’ elevation of privilege vulnerability with a CVSS score of 7.8. Such vulnerabilities can impact a new function of the COM+ Event System component.
Microsoft's October 2022 patch release comes about a month after Apple released an iOS 12 update for older iPhones. That update also applies to iPad devices and patches a vulnerability that threat actors continuously exploit.