Security News > 2022 > September > Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day exploited by attackers.
CVE-2022-37969 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, and an attacker must already have access and the ability to run code on the target system before trying to trigger it.
CVE-2022-37969 was disclosed by researchers from four different security companies and this, according to Zero Day Initiative's Dustin Childs, means that it's likely that the attacks in which it's exploited are not just targeted.
Childs advises admins to also prioritize fixing CVE-2022-34724, a Windows DNS Server Denial of Service Vulnerability, due to its potential impact to enterprise resources; and CVE-2022-34718, a RCE vulnerability in Windows TCP/IP that could be triggered without user interaction.
Microsoft has also patched two RCEs in the Windows Internet Key Exchange Protocol that could also be exploited via a specially crafted IP packet if the target machine has IPSec enabled.
Finally, there's a fix for a cache speculation vulnerability known as Spectre-BHB affecting Windows 11 for ARM64-based Systems, critical fixes for several SharePoint RCEs, and even for a PowerPoint RCE that can be exploited if an attacker tricks users into downloading and opening a specially crafted presentation file.
News URL
https://www.helpnetsecurity.com/2022/09/13/cve-2022-37969/
Related news
- Microsoft shares more details on Windows 11 admin protection (source)
- Microsoft launches Zero Day Quest hacking event with $4 million in rewards (source)
- Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365 (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft announces Zero Day Quest hacking event with big rewards (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Microsoft confirms game audio issues on Windows 11 24H2 PCs (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-37969 | Out-of-bounds Write vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 0.0 |
| 2022-09-13 | CVE-2022-34724 | Unspecified vulnerability in Microsoft products Windows DNS Server Denial of Service Vulnerability | 0.0 |
| 2022-09-13 | CVE-2022-34718 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 0.0 |