Security News > 2022 > November > Microsoft squashes six security bugs already exploited in the wild
Another now-patched bug listed under active exploit, CVE-2022-41091, is a Windows Mark of the Web bypass vulnerability.
Exploiting CVE-2022-41091 involves tricking a victim into opening "a malicious file that would evade Mark of the Web defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MotW tagging," Redmond explained.
Ted teamer Kuba Gretzky also published an in-depth analysis of the bug; it's a good idea to patch ASAP. Finally, CVE-2022-41073, a Windows print spooler elevation of privilege bug, and CVE-2022-41125, a Windows CNG key isolation service elevation of privilege vulnerability, round out the last of the Microsoft flaws being exploited in the wild.
Successful exploit of CVE-2022-41125 could give an attacker SYSTEM privileges.
"The only reason why this vulnerability is not tagged with the maximum CVSS score of 10 is because it requires the attacker to have a minimum set of privileges in order to exploit it," Onapsis' security researcher Thomas Fritsch wrote.
"Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights," according to a Center for Internet Security advisory.
News URL
Related news
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2022-41125 | Out-of-bounds Write vulnerability in Microsoft products Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | 0.0 |
| 2022-11-09 | CVE-2022-41091 | Unspecified vulnerability in Microsoft products Windows Mark of the Web Security Feature Bypass Vulnerability | 0.0 |
| 2022-11-09 | CVE-2022-41073 | Out-of-bounds Write vulnerability in Microsoft products Windows Print Spooler Elevation of Privilege Vulnerability | 0.0 |