Microsoft’s Security Update Pack for December 2022

More than four dozen vulnerabilities in Windows and other Microsoft applications were patched in Microsoft’s final monthly security update for 2022.

In addition to a severe weakness in PowerShell and a dangerous flaw in Windows 11 computers, this week’s Patch Tuesday addresses a zero-day in a Windows feature that tries to flag harmful files downloaded from the Web.

Azure, Microsoft Edge, Office, SharePoint Server, SysInternals, and the .NET framework also receive security patches. Six of the update packages received Microsoft’s highest “critical” classification, indicating they address vulnerabilities that malicious software or individuals might exploit to take control of an unpatched Windows machine remotely and undetected.

CVE-2022-44698 is being actively exploited, and it allows attackers to bypass Windows SmartScreen’s protections. Because of this flaw, malicious actors can craft documents that, when downloaded from untrusted sources, are not tagged with Microsoft’s “Mark of the Web.”

According to Greg Wiseman, product manager at security firm Rapid7, “this means no Protected View for Microsoft Office documents, making it simpler to entice users to do dodgy things like launch malicious macros.” This is the second Mark of the Web vulnerability that Microsoft has addressed in as many months; security researcher Will Dormann initially publicized both of these over the previous two months on Twitter.
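
A defender can check which downloaded files actually carry a Mark of the Web by reading the `Zone.Identifier` alternate data stream that Windows attaches to them. The following is an added example, not code from Microsoft or from the researchers quoted here; the function name `Get-MotwStatus`, the default folder and the extension list are assumptions to adapt.

```powershell
# Added example: report Mark of the Web (MotW) status for risky file types.
# Get-MotwStatus, the default path and the extension list are assumptions.
function Get-MotwStatus {
    [CmdletBinding()]
    param(
        [string]$Path = (Join-Path $env:USERPROFILE 'Downloads'),
        [string[]]$Extension = @('.doc', '.docm', '.xls', '.xlsm', '.xlsx',
                                 '.js', '.lnk', '.iso', '.zip', '.exe', '.msi')
    )

    # Zone names as used by Windows URL security zones.
    $zoneNames = @{ 0 = 'Local'; 1 = 'Intranet'; 2 = 'Trusted'; 3 = 'Internet'; 4 = 'Restricted' }

    Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $Extension -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            $zoneId  = $null
            $hostUrl = $null

            # The stream is INI-style text, for example:
            #   [ZoneTransfer]
            #   ZoneId=3
            #   HostUrl=https://example.test/file.xlsx   (constructed value)
            $ads = Get-Content -LiteralPath $_.FullName -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
            foreach ($line in $ads) {
                if ($line -match '^ZoneId=(\d+)') { $zoneId = [int]$Matches[1] }
                elseif ($line -match '^HostUrl=(.+)$') { $hostUrl = $Matches[1] }
            }

            $zone = 'None'
            if ($null -ne $zoneId) {
                $zone = if ($zoneNames.ContainsKey($zoneId)) { $zoneNames[$zoneId] } else { 'Unknown' }
            }

            [pscustomobject]@{
                File    = $_.FullName
                HasMotw = ($null -ne $zoneId)
                Zone    = $zone
                HostUrl = $hostUrl
            }
        }
}

# Files in the download folder that Office and SmartScreen would not treat as Internet-sourced.
Get-MotwStatus | Where-Object { -not $_.HasMotw } | Format-Table -AutoSize
```

A missing stream is not proof of tampering: files created locally, or copied from a volume that does not support alternate data streams (FAT or exFAT), also lack it, so treat the output as a triage list.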

CVE-2022-44710 is an elevation of privilege problem in Windows 11’s DirectX graphics component that has been publicly disclosed (but is not currently being actively exploited).

CVE-2022-41076 is a remote code execution weakness in PowerShell, a fundamental component of Windows that facilitates the automation of system functions and customizations.

According to Kevin Breen of Immersive Labs, even though Microsoft doesn’t disclose much about CVE-2022-41076 beyond the label “Exploitation More Likely,” the company does indicate that an attacker must take additional steps to prepare the target environment before exploiting the flaw.

While it is not apparent what actions are needed, Breen said exploitation requires at least an authenticated user level of access. The use of MalDocs or LNK files in initial infections “suggests that the exploit involves a social engineering element,” the researchers wrote.

For example, Outlook for Mac has a spoofing vulnerability (CVE-2022-44713), which Trend Micro’s Zero Day Initiative mentions in a blog post about phishing documents.

While ZDI’s Dustin Childs said that “we don’t commonly emphasize spoofing problems,” it is important to pay attention whenever you are dealing with a spoofing bug in an e-mail client.

An untrusted user could be made to look like a trusted one thanks to this flaw. Now add in the fact that you can get beyond the SmartScreen Mark of the Web protection by downloading an attachment called “Executive Compensation.xlsx” from an email purporting to originate from your boss, and it’s easy to see how this may go horribly wrong. Very few people would refuse to open that file under those circumstances.

Microsoft has also issued recommendations in response to concerns that Windows Hardware Developer Program-approved drivers have been used in malicious post-exploitation attacks.

There is evidence from at least three enterprises that hackers are utilizing these signed malicious driver files to prepare to spread ransomware inside the networks of unsuspecting victims. The action was linked to the Russian ransomware gang Cuba, which has extorted an estimated $60 million from victims since 2019.

It’s true that Microsoft isn’t the only potential source of terrifying and urgent security dangers. Apple also patched a recently found zero-day vulnerability that might allow remote code execution in Safari, macOS, tvOS, and iOS on Tuesday alongside a slew of other security patches.

Since both Fortinet and Citrix are seeing active attacks on recently fixed vulnerabilities, it is likely that those responsible for managing these remote access technologies will need to update.

The always-helpful Patch Tuesday roundup from the SANS Internet Storm Center provides a detailed look at the fixes published by Microsoft today (indexed by severity and other metrics). Waiting a few days to update can be beneficial as Microsoft irons out any problems with the updates.

Frequently asked questions

What is Microsoft’s security update?

When a product has a security flaw, a security update is given to the public to patch the flaw. Severity ratings are assigned to security flaws. Microsoft’s security bulletin classifies the issue as “critical,” “important,” “moderate,” or “low.”

Is it necessary to update the security patch?

There should never be a lapse in security. It’s a precaution you can take to keep your phone safe. As hackers race to find new weaknesses, the security sector is in a perpetual state of change.

What happens if you don’t update the security patch?

Failing to install the latest security patches for regularly used software on your computer increases the risk of a persistent infection. For as long as the exploit is active and the hacker is inside, the software they utilize as a backdoor will also be inside.
