Microsoft’s Security Update Pack: More than four dozen vulnerabilities in Windows and other Microsoft applications were patched in Microsoft’s final monthly security update for 2022.
In addition to a severe weakness in PowerShell and a dangerous flaw in Windows 11 computers, this week’s Patch Tuesday addresses a zero-day in a Windows function that attempts to detect harmful files via the Web.
Microsoft’s Security Update Pack
Azure, Microsoft Edge, Office, SharePoint Server, SysInternals, and the .NET framework all receive patches for heightened security. Six of the update packages received Microsoft’s highest “critical” classification, indicating they address vulnerabilities that malicious software or individuals might exploit to take control of an unpatched Windows machine remotely and undetected.
CVE-2022-44698 is being actively exploited, and it allows attackers to escape Windows SmartScreen’s protections. Because of this flaw, malicious actors can craft documents that, when downloaded from untrusted sources, are not tagged as such by Microsoft’s “Mark of the Web.”
According to Greg Wiseman, product manager at security firm Rapid7, “this means no Protected View for Microsoft Office documents, making it simpler to entice users to do dodgy things like launch malicious macros.” This is the second Mark of the Web vulnerability that Microsoft has addressed in as many months; security researcher Will Dormann initially publicized both of these over the previous two months on Twitter.
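As an added example (not from the original article or from Microsoft), the PowerShell below lists files in a folder that carry no Internet-zone Mark of the Web, which is where a file affected by a bypass like this would show up. It assumes an NTFS volume, where the mark is stored in the `Zone.Identifier` alternate data stream; the default folder and the extension list are assumptions.

```powershell
# Added example: audit a folder for document/script files that lack an
# Internet-zone Mark of the Web. Folder and extensions are assumptions.
param(
    [string]$Path = (Join-Path $env:USERPROFILE 'Downloads'),
    [string[]]$Extensions = @('.docx', '.docm', '.xlsx', '.xlsm', '.pptm',
                              '.js', '.lnk', '.iso', '.zip', '.msi', '.exe')
)

function Get-MotwStatus {
    param([Parameter(Mandatory)][System.IO.FileInfo]$File)

    # The mark is an NTFS alternate data stream named Zone.Identifier.
    $stream = Get-Item -LiteralPath $File.FullName -Stream 'Zone.Identifier' `
                       -ErrorAction SilentlyContinue
    $zoneId  = $null
    $hostUrl = $null
    if ($stream) {
        $lines = Get-Content -LiteralPath $File.FullName -Stream 'Zone.Identifier' `
                             -ErrorAction SilentlyContinue
        foreach ($line in $lines) {
            # ZoneId: 0 local, 1 intranet, 2 trusted, 3 internet, 4 restricted
            if ($line -match '^\s*ZoneId\s*=\s*(\d+)') { $zoneId = [int]$Matches[1] }
            elseif ($line -match '^\s*HostUrl\s*=\s*(.+)$') { $hostUrl = $Matches[1].Trim() }
        }
    }
    [pscustomobject]@{
        File      = $File.FullName
        HasMotw   = [bool]$stream
        ZoneId    = $zoneId
        HostUrl   = $hostUrl
        LastWrite = $File.LastWriteTime
    }
}

# Report files with no stream, an unparseable stream, or a zone below Internet (3).
Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $Extensions -contains $_.Extension.ToLowerInvariant() } |
    ForEach-Object { Get-MotwStatus -File $_ } |
    Where-Object { -not $_.HasMotw -or $null -eq $_.ZoneId -or $_.ZoneId -lt 3 } |
    Sort-Object LastWrite -Descending |
    Format-Table -AutoSize
```

Files created locally also lack the stream, so treat the output as a triage list to compare against browser and mail-client download history, not as a verdict.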
CVE-2022-44710 is an elevation of privilege problem in Windows 11’s DirectX graphics component that has been publicly disclosed (but is not currently being actively exploited).
CVE-2022-41076 is a remote code execution weakness in PowerShell, a fundamental component of Windows that facilitates the automation of system functions and customizations.
According to Kevin Breen of Immersive Labs, even though Microsoft doesn’t disclose much about CVE-2022-41076 beyond the label “Exploitation More Likely,” the company does indicate that an attacker must take additional steps to prepare the target environment before exploiting the flaw.
However, we do know that exploitation requires an authenticated user level of access; while it’s not apparent what actions are needed, Breen assured us that it takes at least that. The use of MalDocs or LNK files in initial infections “suggests that the exploit involves a social engineering element,” the researchers wrote.
For example, Outlook for Mac has a spoofing vulnerability (CVE-2022-44713), which Trend Micro’s Zero Day Initiative mentions in a blog post about phishing documents.
While ZDI’s Dustin Childs said that “we don’t commonly emphasize spoofing problems,” it is important to pay attention whenever you are dealing with a spoofing bug in an e-mail client.
An untrusted user could be made to look like a trusted one thanks to this flaw. Now add the SmartScreen Mark of the Web bypass: an attachment called “Executive Compensation.xlsx” arrives in an email purporting to originate from your boss, and it’s easy to see how this may go horribly wrong. Very few people would refuse to open that file under those circumstances.
Microsoft has also issued recommendations in response to concerns that Windows Hardware Developer Program-approved drivers have been used in malicious post-exploitation attacks.
There is evidence from at least three enterprises that hackers are utilizing these signed malicious driver files to prepare to spread ransomware inside the networks of unsuspecting victims. The action was linked to the Russian ransomware gang Cuba, which has extorted an estimated $60 million from victims since 2019.
It’s true that Microsoft isn’t the only potential source of terrifying and urgent security dangers. Apple also patched a recently found zero-day vulnerability that might allow remote code execution in Safari, macOS, tvOS, and iOS on Tuesday alongside a slew of other security patches.
Since both Fortinet and Citrix are seeing active attacks on recently fixed vulnerabilities, it is likely that those responsible for managing these remote access technologies will need to update.
The always-helpful Patch Tuesday roundup from the SANS Internet Storm Center provides a detailed look at the fixes published by Microsoft today (indexed by severity and other metrics). Waiting a few days to update can be beneficial as Microsoft irons out any problems with the updates.
Frequently asked questions
What is Microsoft’s security update?
When a product has a security flaw, a security update is given to the public to patch the flaw. Severity ratings are assigned to security flaws. Microsoft’s security bulletin classifies the issue as “critical,” “important,” “moderate,” or “low.”
Is it necessary to update the security patch?
There should never be a lapse in security. It’s a precaution you can take to keep your phone safe. As hackers race to find new weaknesses, the security sector is in a perpetual state of change.
What happens if you don’t update the security patch?
Failing to install the latest security patches for regularly used software on your computer increases the risk of a persistent infection. For as long as the exploit is active and the hacker is inside, the software they utilize as a backdoor will also be inside.