Security News > 2022 > September > Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day exploited by attackers.
CVE-2022-37969 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, and an attacker must already have access and the ability to run code on the target system before trying to trigger it.
CVE-2022-37969 was disclosed by researchers from four different security companies and this, according to Zero Day Initiative's Dustin Childs, means that it's likely that the attacks in which it's exploited are not just targeted.
Childs advises admins to also prioritize fixing CVE-2022-34724, a Windows DNS Server Denial of Service Vulnerability, due to its potential impact to enterprise resources; and CVE-2022-34718, a RCE vulnerability in Windows TCP/IP that could be triggered without user interaction.
Microsoft has also patched two RCEs in the Windows Internet Key Exchange Protocol that could also be exploited via a specially crafted IP packet if the target machine has IPSec enabled.
Finally, there's a fix for a cache speculation vulnerability known as Spectre-BHB affecting Windows 11 for ARM64-based Systems, critical fixes for several SharePoint RCEs, and even for a PowerPoint RCE that can be exploited if an attacker tricks users into downloading and opening a specially crafted presentation file.
News URL
https://www.helpnetsecurity.com/2022/09/13/cve-2022-37969/
Related news
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Microsoft has finally fixed Date & Time bug in Windows 11 (source)
- Microsoft shares workaround for Windows security update issues (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft to remove the Location History feature in Windows (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-13 | CVE-2022-37969 | Out-of-bounds Write vulnerability in Microsoft products Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
| 2022-09-13 | CVE-2022-34724 | Unspecified vulnerability in Microsoft products Windows DNS Server Denial of Service Vulnerability | 0.0 |
| 2022-09-13 | CVE-2022-34718 | Unspecified vulnerability in Microsoft products Windows TCP/IP Remote Code Execution Vulnerability | 0.0 |