Patch Tuesday November 2022 Microsoft fixes 65 security issues

Microsoft released November 2022 Patch Tuesday security updates to address 65 flaws, including an actively exploited Windows zero-day.

- Advertisement -

Microsoft regularly releases an anticipated batch of security patches and updates for various products and services on every second Tuesday of the month. And This has become known as Microsoft security Patch Tuesday update, keep this tradition today 08 November 2022 second Tuesday of the month and Microsoft has released 65 security fixes including two zero-day vulnerabilities. Ten of the vulnerabilities fixed today were classified as Critical as they enable attackers to achieve remote code execution, privilege elevation, or spoofing. Microsoft rates the rest of the bugs (55) as ‘Important’ in severity.

The October security update includes patches for:

  • 26 elevation of privilege (EoP) bugs,
  • 16 remote code execution (RCE) vulnerabilities,
  • 10 information disclosure bugs,
  • 6 denial of service bugs,
  • 3 spoofing bugs
  • 4 security feature bypass vulnerabilities.

Earlier this month, on November 2, 2022, Microsoft also released two (2) advisories for OpenSSL 3.x for Azure SDK for C++, C++ Library Manager for Windows (vcpkg), and Microsoft Azure Kubernetes Service (CVE-2022-3602CVE-2022-3786).

Important security updates and patches to fix critical bugs or vulnerabilities are released on Patch Tuesday.

- Advertisement -

A total of 39 unique Microsoft products, features, and roles, including but not limited to Azure CLI, Microsoft Exchange Server Cumulative Update, Windows Endpoint, Windows Server, and Windows Server 2022 Datacenter: Azure Edition (Hotpatch) were included in this release.

The six actively exploited zero-day vulnerabilities fixed in today’s updates are:

CVE-2022-41128 – Windows Scripting Languages Remote Code Execution Vulnerability discovered by Clément Lecigne of Google’s Threat Analysis Group

  • This bug affects Microsoft’s Jscript9 scripting language and requires user interaction, meaning an attacker would need to convince a victim running a vulnerable version of Windows to visit a specially crafted server share or website through some type of social engineering, according to Narang

CVE-2022-41091 – Windows Mark of the Web Security Feature Bypass Vulnerability discovered by Will Dormann.

- Advertisement -

Mark of the Web (MoW) is meant to be applied to files downloaded from the Internet. These files should be treated differently and receive security warning dialogs when accessing them. This vulnerability is also listed as being under active attack, but again, Microsoft provides no information on how widespread these attacks may be.

CVE-2022-41073 – Windows Print Spooler Elevation of Privilege Vulnerability discovered by Microsoft Threat Intelligence Center (MSTIC).

- Advertisement -

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges

CVE-2022-41125 – Windows CNG Key Isolation Service Elevation of Privilege Vulnerability discovered by Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC).

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability discovered by GTSC and disclosed through Zero Dat initiative.

The privileges acquired by the attacker would be the ability to run PowerShell in the context of the system.

CVE-2022-41082 – Microsoft Exchange Server Remote Code Execution Vulnerability discovered by GTSC and disclosed through Zero Dat initiative.

The attacker for this vulnerability could target the server accounts in an arbitrary or remote code execution. As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call.

The full list of CVEs released by Microsoft for November 2022 Patch Tuesday security updates is available here,

Recent updates from other companies

Third-party vendors such as Google, Apple, SAP, Cisco, Fortinet, and VMware have released updates after last month’s Patch Tuesday. Other vendors who released updates in November 2022 include:

Windows security updates

In addition to the security fixes, Microsoft has also published an update for the Windows Update service to improve its reliability and performance.

Windows 11

Microsoft fixes 35 vulnerabilities in Windows 11, 5 of which are considered critical and 30 important.

  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41039
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41088
  • Windows Hyper-V Denial of Service Vulnerability —  CVE-2022-38015
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41118

Windows 11 (version 22H2) – KB5019980 (OS Build 22621.819). Manual download from Microsoft Update Catalog.

Windows 11 (version 21H2) – KB5019961 (OS Build 22000.1219). Manual download from Microsoft Update Catalog.

windows 11 22H2

Windows 11 KB5019980 and KB5019961 updates include the following changes:

  • Fixes security issues for your Windows operating system.
  • Enhances search visual treatments on the taskbar to improve discoverability
  • Improve the backup experience when using your Microsoft Account (MSA)
  • Adds improvements to the Microsoft Account experience in Settings. For instance, you can manage your Microsoft OneDrive subscription and related storage alerts.
  • It adds Task Manager to the context menu when you right-click the taskbar.
  • It addresses an issue that might cause vertical and horizontal line artifacts to appear on the screen.
  • It addresses an issue in that stops the credential UI from displaying in IE mode when you use Microsoft Edge.
  • It addresses an issue that might fail to sync the audio when you record game play using the Xbox Game Bar.
  • It addresses an issue that affects File Explorer. It is less dependable when you browse for Microsoft OneDrive folders.
  • It addresses an issue that affects the Start menu. It stops working when you use keyboard commands to move pinned items to a folder at the end of a list.

Windows 10:

Windows 10 version 22H2 was affected by 37 vulnerabilities, 5 critical and 32 important.

  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41039
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41088
  • Windows Hyper-V Denial of Service Vulnerability —  CVE-2022-38015
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41118

Windows 10 version 22H2 – KB5019959 (OS Build 19045.2251). Manual download from Microsoft Update Catalog. The same applies for windows 10 versions 21H1 and 21H2.

Windows 10 version 1809 – KB5019966 (OS Build 17763.3650). Manual download from Microsoft Update Catalog.

Note. Versions 1903 and 1909, as well as 2004, 20H2, 21H1, and 21H2 share a common base operating system version and have an identical set of system files. That is why they receive the same cumulative updates.

windows 10

Windows 10 KB5019959 and KB5019966 updates include the following changes:

  • Addresses security issues for your Windows operating system.
  • It addresses an issue that causes an OS upgrade to stop responding, and then it fails.
  • It addresses an issue that affects the font of three Chinese characters. When you format these characters as bold, the width size is wrong.
  • It addresses an issue that affects Microsoft Direct3D 9 games. The graphics hardware stops working if the hardware does not have a native Direct3D 9 driver.
  • It addresses graphical issues in games that use Microsoft D3D9 on some platforms.
  • It addresses an issue that affects Microsoft Edge when it is in IE Mode. The titles of pop-up windows and tabs are wrong.
  • It addresses an issue that affects the lasso tool in a graphics editing program.
  • It stops the start of daylight saving time in Jordan at the end of October 2022. The Jordan time zone will permanently shift to the UTC + 3 time zone.
  • It makes miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.

You can read the complete changelog on the Microsoft support site here.

Windows 8.1 and Windows Server 2012 R2

On the side of Windows 8.1, 23 vulnerabilities have been resolved. We have 4 critical flaws.

    • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41128
    • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41118
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41088
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41039

windows 8.1

Windows 8.1 KB5020023 and KB5020010 updates include the following changes:

  • This update contains miscellaneous security improvements to internal OS functionality. No specific issues are documented for this release.
  • Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients.
  • Updates the daylight-saving time (DST) for Jordan to prevent moving the clock back 1 hour on October 28, 2022.
  • Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error:
  • Addresses an issue where the Microsoft Visual C++ Redistributable Runtime does not load into the Local Security Authority Server Service (LSASS) when Protected Process Light (PPL) is enabled.
  • Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023CVE-2022-37966, and CVE-2022-37967.

Windows 7 SP1 and Windows Server 2008 R2

This Patch Tuesday fixes 43 security vulnerabilities in Windows 7, 8 of which are considered critical and 29 important.

  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41039
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability — CVE-2022-41118
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41044

windows 7

Windows 7 KB5020000 and KB5020013 updates include the following changes:

  • Includes unspecified “miscellaneous security improvements to internal OS functionality”.
  • Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients.
  • Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error:
  • Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.
  • Addresses security vulnerabilities in the Kerberos and Netlogon protocols as outlined in CVE-2022-38023CVE-2022-37966, and CVE-2022-37967.

Download the windows 10 update

All these security updates are automatically downloaded and installed via windows update. Or you force Windows update from settings, update & security check for updates to install November 2022 patch updates immediately on your device.

Checking for windows updates

If you are Looking for Windows 10 22H2 Update ISO image click here. Or check How to Upgrade to Windows 10 version 22H2 Using the media creation tool.

If you face any difficulty while installing these updates, Check Windows 10 Update troubleshooting guide to fix the windows 10 Cumulative update stuck downloading, failed to install with different errors, etc.

Also read:

- Advertisement -

Advertisment

ALSO READ:-

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here
Captcha verification failed!
CAPTCHA user score failed. Please contact us!