Microsoft Patch Tuesday fixes six zero-day vulnerabilities

November 9, 2022 – Published on SC Magazine

Microsoft patched six zero-day vulnerabilities in its latest monthly security update, including a pair of critical bugs that have been exploited by threat actors for months.

The targeted zero-days are part of 68 security fixes in the company’s November Patch Tuesday, with 11 flaws flagged as Critical, 55 as Important, and two OpenSSL vulnerabilities marked as High severity.

Two long-awaited fixes are for critical ProxyNotShell flaws that have been under attack since September. The bug listed as CVE-2022-41040 is a server-side request forgery flaw that allows remote code execution, and the second, tracked as CVE-2022-41082, allows remote code execution when PowerShell is accessible to the attacker. The two bugs can be chained together to compromise Exchange Server.

The company also addressed Mark of the Web (MotW) vulnerabilities that have been widely discussed within the security community in the past few weeks. The bugs tracked as CVE-2022-41091 and CVE-2022-41049 are two separate flaws in different versions of Windows, with only the former being exploited in the wild, according to Microsoft.

MotW is a Windows feature designed to protect users against files from untrusted sources, and the two vulnerabilities allow attackers to bypass the defenses by crafting a malicious file.

“MotW vulnerabilities have reportedly led to an increase in ransomware attacks, which is unfortunate,” Kristen Bell, director of application security at GuidePoint Security, added. “Security specialists have been preaching to users to take caution with any file they choose to open, download, or allow to execute on their machine.”