On November 8, 2022, Microsoft released security updates for Windows clients and servers, for Office, and for other products. The security updates fix 68 vulnerabilities, 11 of which are rated critical, and six are 0-day vulnerabilities that are already being exploited. Among other things, a printer vulnerability in Windows and a Microsoft Exchange vulnerability (NotProxyShell) are corrected, both classified as critical. Below is a compact overview of the updates released on this Patchday.
A list of the updates can be found on this Microsoft page. Details about the update packages for Windows, Office, etc. are available in separate blog posts.
Notes on the updates
Windows 10 version 20H2 to 22H2 use a common core and have an identical set of system files. Therefore, the same security update will be delivered for these Windows 10 versions. Information on enabling the features of Windows 10, which is done through an Enablement Package update, can be found in this Techcommunity post.
All Windows 10 updates are cumulative. The monthly Patchday update contains all security fixes for Windows 10 and all non-security fixes released up to Patchday. In addition to security patches for vulnerabilities, the updates include security enhancements.
Microsoft is integrating the Servicing Stack Updates (SSUs) into the Latest Cumulative Updates (LCUs) for newer versions of Windows 10. A list of the latest SSUs can be found at ADV990001 (although the list is not always up-to-date). Windows 7 SP1 is no longer supported as of January 2020.
Only customers with a 3rd year ESU license (or bypass measures) will still receive updates. The current ESU bypass allows the update to be installed. Updates can also be downloaded from the Microsoft Update Catalog. Updates for Windows RT 8.1 and Microsoft Office RT are only available through Windows Update.
Fixed vulnerabilities
Bleeping Computer has this article, according to which the November 2022 security updates fix 68 vulnerabilities, 11 of them critical and six of them 0-day vulnerabilities. Tenable also has this blog post with an overview of the fixed vulnerabilities. However, Tenable lists only 62 vulnerabilities with CVEs, nine of which are classified as critical and 53 as "important". Furthermore, according to Tenable, four 0-day vulnerabilities that are already being exploited are said to have been fixed. So there are discrepancies between Bleeping Computer and Tenable.
- Thus, two Windows Mark of the Web vulnerabilities (CVE-2022-41049, CVE-2022-41091) that I addressed in the blog have been closed (see links at the end of the article).
- CVE-2022-41073 closes a Windows Print Spooler Elevation of Privilege vulnerability.
- CVE-2022-41125 is a Windows CNG Key Isolation Service Elevation of Privilege vulnerability.
- CVE-2022-41118 and CVE-2022-41128 are Windows Scripting Languages Remote Code Execution vulnerabilities.
- CVE-2022-3602 and CVE-2022-3786 are two X.509 certificate verification buffer overrun vulnerabilities that were recently closed in OpenSSL.
A list of all covered CVEs can be found on this Microsoft page, and excerpts are available in the linked articles from Tenable and Bleeping Computer. Below is the list of patched products:
- .NET Framework
- AMD CPU Branch
- Azure
- Azure Real Time Operating System
- Linux Kernel
- Microsoft Dynamics
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Office Word
- Network Policy Server (NPS)
- Open Source Software
- Role: Windows Hyper-V
- SysInternals
- Visual Studio
- Windows Advanced Local Procedure Call
- Windows ALPC
- Windows Bind Filter Driver
- Windows BitLocker
- Windows CNG Key Isolation Service
- Windows Devices Human Interface
- Windows Digital Media
- Windows DWM Core Library
- Windows Extensible File Allocation
- Windows Group Policy Preference Client
- Windows HTTP.sys
- Windows Kerberos
- Windows Mark of the Web (MOTW)
- Windows Netlogon
- Windows Network Address Translation (NAT)
- Windows ODBC Driver
- Windows Overlay Filter
- Windows Point-to-Point Tunneling Protocol
- Windows Print Spooler Components
- Windows Resilient File System (ReFS)
- Windows Scripting
- Windows Win32K
Similar articles:
Microsoft Office Updates (November 1, 2022)
Microsoft Security Update Summary (November 8, 2022)
Patchday: Windows 10-Updates (November 8, 2022)
Patchday: Windows 11/Server 2022-Updates (November 8, 2022)
Windows 7/Server 2008 R2; Windows 8.1/Server 2012 R2: Updates (November 8, 2022)
Patchday: Microsoft Office Updates (November 8, 2022)
Windows 10 20H2-22H2 Preview Update KB5018482 (Oct. 25, 2022)
Windows 11 22H2: Preview-Update KB5018496 (Oct. 25, 2022)
Windows 11 21H2: Preview Update (Oct. 25, 2022)
Windows Server 2022 Preview Update KB5018485 (Oct. 25, 2022)
Windows: 0Patch Micropatch for MOTOW ZIP file bug (0-day, no CVE)
Windows 0-day (Mark of the Web) used for ransomware attacks via JavaScript