• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Plant-based chicken startup Rebellyous Foods raises $9.5M to launch latest production tech – Startup

February 4, 2023

Startup T2 Wants to Terminate Twitter

February 4, 2023

Eight Steps An Entrepreneur Can Take To Start Repairing Their Personal Brand

February 4, 2023
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    Samsung’s One UI 5 update is largely about personalization

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Security»Microsoft Patch Tuesday September Arrives With 80+ Bug Fixes
Security

Microsoft Patch Tuesday September Arrives With 80+ Bug Fixes

September 15, 2022No Comments2 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Latest Hacking News
Share
Facebook Twitter LinkedIn Pinterest Email

This week, Microsoft has rolled out its monthly Patch Tuesday update bundle for September 2022. The update bundle addresses 84 security vulnerabilities but includes fewer critical-severity bugs. Windows users should ensure they update their devices at the earliest.

Four Critical Vulnerability Fixes

With September Patch Tuesday, Microsoft has two critical remote code execution vulnerabilities in the Windows Network File System. An authenticated attacker could exploit these vulnerabilities, CVE-2022-22029 and CVE-2022-22039, by making a specially crafted call to the NFS.

Microsoft has labeled them critical severity flaws that achieved CVSS scores of 8.1 and 7.5, respectively. For CVE-2022-22029, the tech giant has also shared detailed mitigations to address the flaw when an immediate system update isn’t possible.

Microsoft has also patched two other critical security bugs that could allow RCE attacks. These include,

  • CVE-2022-22038 (CVSS 8.1): RCE vulnerability in Remote Procedure Call Runtime. Exploiting the flaw required an attacker to send constant data for repeated exploitation attempts.
  • CVE-2022-30221 (CVSS 8.8): RCE flaw in Windows Graphics Component. An attacker could exploit the vulnerability by tricking the target user into connecting to a malicious RDP server.

Other Microsoft September Patch Tuesday

Alongside the four critical severity vulnerabilities, Microsoft has fixed 80 other important severity vulnerabilities across various products.

These include an actively exploited vulnerability, CVE-2022-22047, in the Windows Client Server Runtime Subsystem (CSRSS). The tech giant has described it as a privilege escalation flaw (CVSS 7.8), giving SYSTEM privileges to an attacker.

Microsoft has confirmed detecting active exploitation of the vulnerability sans public disclosure. However, they haven’t explained anything about the nature of attacks, the target systems, and other details.

See also  Apple releases iOS 15.2.1 with bug fixes for CarPlay and Messages

In addition, Microsoft has also addressed two other privilege escalation flaws in Windows CSRSS. However, both the vulnerabilities, CVE-2022-22026 and CVE-2022-22049, remained under the radar, ditching active exploits.

The other vulnerable components receiving security fixes with the September update include Microsoft Defender for Endpoint, Microsoft Office, Skype for Business, Windows BitLocker, Boot Manager, Hyper-V, Windows DNS Server, Windows IIS Server, and more.

While the updates should automatically reach the respective devices, it’s still recommended for the users to check for system updates manually to avoid delayed patches.

Let us know your thoughts in the comments.

Source link

arrives bug fixes Microsoft Patch September Tuesday
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Microsoft Layoffs, Amazon Layoffs, And What’s Actually Happening In Tech

January 20, 2023

Ex-Lululemon chief joins Seattle startup; Microsoft AI ethics leader now at Google – Startup

January 17, 2023

Flexport hires Microsoft CVP; Avalara adds chief revenue officer; and more – Startup

January 14, 2023

Microsoft Teams CVP joins UiPath; Sage Bionetworks names president; and more – Startup

January 12, 2023
Add A Comment

Comments are closed.

Editors Picks

Hiring Gen Z Professionals? Eight Ways To Bring Out The Best In Them

August 26, 2022

Action platformer The Devil Within: Satgat announced

September 3, 2022

SSEN companions with Icebreaker One to interrupt power knowledge silos

July 22, 2022

Two Sisters Start a Homeware Brand Focused On Slowing Down

December 19, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Plant-based chicken startup Rebellyous Foods raises $9.5M to launch latest production tech – Startup

Startup T2 Wants to Terminate Twitter

Eight Steps An Entrepreneur Can Take To Start Repairing Their Personal Brand

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2023 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.