• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Elementor #32036

January 24, 2025

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

April 18, 2024

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

April 16, 2024
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    It’s 2023 and Spotify Still Can’t Say When AirPlay 2 Support Will Arrive

    April 4, 2023

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Security»Microsoft Patch Tuesday September Arrives With 80+ Bug Fixes
Security

Microsoft Patch Tuesday September Arrives With 80+ Bug Fixes

September 15, 2022No Comments2 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Latest Hacking News
Share
Facebook Twitter LinkedIn Pinterest Email

This week, Microsoft has rolled out its monthly Patch Tuesday update bundle for September 2022. The update bundle addresses 84 security vulnerabilities but includes fewer critical-severity bugs. Windows users should ensure they update their devices at the earliest.

Four Critical Vulnerability Fixes

With September Patch Tuesday, Microsoft has two critical remote code execution vulnerabilities in the Windows Network File System. An authenticated attacker could exploit these vulnerabilities, CVE-2022-22029 and CVE-2022-22039, by making a specially crafted call to the NFS.

Microsoft has labeled them critical severity flaws that achieved CVSS scores of 8.1 and 7.5, respectively. For CVE-2022-22029, the tech giant has also shared detailed mitigations to address the flaw when an immediate system update isn’t possible.

Microsoft has also patched two other critical security bugs that could allow RCE attacks. These include,

  • CVE-2022-22038 (CVSS 8.1): RCE vulnerability in Remote Procedure Call Runtime. Exploiting the flaw required an attacker to send constant data for repeated exploitation attempts.
  • CVE-2022-30221 (CVSS 8.8): RCE flaw in Windows Graphics Component. An attacker could exploit the vulnerability by tricking the target user into connecting to a malicious RDP server.

Other Microsoft September Patch Tuesday

Alongside the four critical severity vulnerabilities, Microsoft has fixed 80 other important severity vulnerabilities across various products.

These include an actively exploited vulnerability, CVE-2022-22047, in the Windows Client Server Runtime Subsystem (CSRSS). The tech giant has described it as a privilege escalation flaw (CVSS 7.8), giving SYSTEM privileges to an attacker.

Microsoft has confirmed detecting active exploitation of the vulnerability sans public disclosure. However, they haven’t explained anything about the nature of attacks, the target systems, and other details.

See also  'Into the Radius' Brings Hardcore Post-Apocalyptic Survival to Quest 2 in September – Road to VR

In addition, Microsoft has also addressed two other privilege escalation flaws in Windows CSRSS. However, both the vulnerabilities, CVE-2022-22026 and CVE-2022-22049, remained under the radar, ditching active exploits.

The other vulnerable components receiving security fixes with the September update include Microsoft Defender for Endpoint, Microsoft Office, Skype for Business, Windows BitLocker, Boot Manager, Hyper-V, Windows DNS Server, Windows IIS Server, and more.

While the updates should automatically reach the respective devices, it’s still recommended for the users to check for system updates manually to avoid delayed patches.

Let us know your thoughts in the comments.

Source link

arrives bug fixes Microsoft Patch September Tuesday
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Microsoft Surface Laptop Go 3 review

October 26, 2023

Microsoft Surface Laptop Studio 2 review

October 13, 2023

ChatGPT Opened a New Era in Search. Microsoft Could Ruin It

March 27, 2023

Microsoft names lead independent director; startup vet Rebecca Lovell joins Greater Seattle Partners – Startup

March 15, 2023
Add A Comment

Comments are closed.

Editors Picks

Frame TV Deal: Cheapest Price Today

June 24, 2022

How An Air Marshal’s Cover Story Became A Global Technology Corporation

October 5, 2022

Dead Cells’ Enter The Panchaku update turns you into a pan-wielding ninja

August 7, 2022

Razer’s Kishi V2 mobile gamepad has improved switches

June 26, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Elementor #32036

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.