Security News > 2022 > September > Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day exploited by attackers.
CVE-2022-37969 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, and an attacker must already have access and the ability to run code on the target system before trying to trigger it.
CVE-2022-37969 was disclosed by researchers from four different security companies and this, according to Zero Day Initiative's Dustin Childs, means that it's likely that the attacks in which it's exploited are not just targeted.
Childs advises admins to also prioritize fixing CVE-2022-34724, a Windows DNS Server Denial of Service Vulnerability, due to its potential impact to enterprise resources; and CVE-2022-34718, a RCE vulnerability in Windows TCP/IP that could be triggered without user interaction.
Microsoft has also patched two RCEs in the Windows Internet Key Exchange Protocol that could also be exploited via a specially crafted IP packet if the target machine has IPSec enabled.
Finally, there's a fix for a cache speculation vulnerability known as Spectre-BHB affecting Windows 11 for ARM64-based Systems, critical fixes for several SharePoint RCEs, and even for a PowerPoint RCE that can be exploited if an attacker tricks users into downloading and opening a specially crafted presentation file.
News URL
https://www.helpnetsecurity.com/2022/09/13/cve-2022-37969/
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-37969 | Out-of-bounds Write vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| 2022-09-13 | CVE-2022-34724 | Unspecified vulnerability in Microsoft products Windows DNS Server Denial of Service Vulnerability | 7.5 |
| 2022-09-13 | CVE-2022-34718 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |