It’s the second Tuesday of the month, which means that Windows users are looking towards Microsoft in hopes that some of the flaws they’ve been struggling with will finally get fixed. We’ve already provided the direct download links for the cumulative updates released today for Windows 7, 8.1, 10, and 11, but now it’s time to talk about Critical Vulnerabilities and Exposures again. For December, Microsoft released 52 new patches, which is a lot more than some people were expecting right before we switch to 2023. These software updates address CVEs in:
Microsoft Windows and Windows Components Azure Office and Office Components SysInternals Microsoft Edge (Chromium-based) SharePoint Server .NET framework
We got 52 new fixes in December 2022’s Patch Tuesday rollout
It’s safe to say that this wasn’t either the busiest or the lightest month for Redmond-based security experts, so we should be sort of glad. You might like to know that, out of the 52 new CVEs released, 43 are rated Important, and three are rated Moderate in severity. And, if you are looking for an overall for the year 2022, know that it actually was Microsoft’s second busiest ever with Microsoft fixing over 900 CVEs in total. Out of all these vulnerabilities addressed this month, one of the new CVEs is listed as publicly known, and one is listed as being in the wild at the time of release You might want to remember that these types of bugs are often wrapped into some form of social engineering attack, such as convincing someone to open a file or click a link. Let’s take a closer look at the full list of CVEs released by Microsoft for December 2022: SPONSORED The PowerShell Remote Code Execution Vulnerability is nothing to take lightly. This Critical-rated bug could actually allow an authenticated user to escape the PowerShell Remoting Session Configuration and run unapproved commands on an affected system. Malicious third parties often try to live off the land after an initial breach, which means that they use tools already on a system to maintain access and move throughout a network. Know that PowerShell is one such tool, so any bug that will therefore bypass active restrictions is likely to be abused by unwanted guests. As for the remaining Critical-rated fixes, there are two patches for the older Secure Socket Tunneling Protocol (SSTP). According to Microsoft, both could allow a remote, unauthenticated threat actor to get code execution on an affected system by sending a specially crafted connection request to a server with the RAS Server role enabled. There are 16 other remote code execution bugs getting fixes this December, packed along with 18 other patches addressing Elevation of Privilege (EoP) bugs. Let’s also mention the one new advisory (ADV220005) this month, which provides additional guidance on third-party drivers that appear to be certified by the Microsoft Windows Hardware Developer Program. The tech company stated that the drivers that appear to have been certified by this program have been seen in the wild in post-exploitation activity. Have you found any other issues after installing this month’s security updates? Share your experience with us in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
