Skip to main content

Microsoft Monthly Security Update (October 2022)

Last Update Date: 3 Feb 2023 Release Date: 12 Oct 2022 7444 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
WindowsHigh Risk High RiskRemote Code Execution
Denial of Service
Spoofing
Elevation of Privilege
Information Disclosure
Security Restriction Bypass

CVE-2022-41033

is being exploited in the wild

 

Proof of Concept exploit code Is publicly available for CVE-2022-34689

Extended Security Updates (ESU)Medium Risk Medium RiskRemote Code Execution
Denial of Service
Spoofing
Elevation of Privilege
Information Disclosure
Security Restriction Bypass
 
AzureMedium Risk Medium RiskSpoofing
Elevation of Privilege
 
BrowserLow Risk Low RiskSpoofing 
System CenterMedium Risk Medium RiskElevation of Privilege 
Microsoft OfficeMedium Risk Medium RiskRemote Code Execution
Spoofing
Information Disclosure
 
Developer ToolsMedium Risk Medium RiskElevation of Privilege
Remote Code Execution
Information Disclosure
 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': High Risk

 

 

[Updated on 2023-02-03]

Proof of Concept exploit code Is publicly available for CVE-2022-34689.


Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • Windows
  • Extended Security Updates (ESU)
  • Azure
  • Browser
  • System Center
  • Microsoft Office
  • Developer Tools

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier


Source


Related Link