Operating System:

[WIN]

Published:

12 October 2022

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0193
   Microsoft Patch Tuesday update for Microsoft Windows for October 2022
                              12 October 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Windows
                  Windows Server
Operating System: Windows
Resolution:       Patch/Upgrade
CVE Names:        CVE-2022-41081 CVE-2022-41033 CVE-2022-38051
                  CVE-2022-38050 CVE-2022-38047 CVE-2022-38046
                  CVE-2022-38045 CVE-2022-38044 CVE-2022-38043
                  CVE-2022-38042 CVE-2022-38041 CVE-2022-38040
                  CVE-2022-38039 CVE-2022-38038 CVE-2022-38037
                  CVE-2022-38036 CVE-2022-38034 CVE-2022-38033
                  CVE-2022-38032 CVE-2022-38031 CVE-2022-38030
                  CVE-2022-38029 CVE-2022-38028 CVE-2022-38027
                  CVE-2022-38026 CVE-2022-38025 CVE-2022-38022
                  CVE-2022-38021 CVE-2022-38016 CVE-2022-38003
                  CVE-2022-38000 CVE-2022-37999 CVE-2022-37998
                  CVE-2022-37997 CVE-2022-37996 CVE-2022-37995
                  CVE-2022-37994 CVE-2022-37993 CVE-2022-37991
                  CVE-2022-37990 CVE-2022-37989 CVE-2022-37988
                  CVE-2022-37987 CVE-2022-37986 CVE-2022-37985
                  CVE-2022-37984 CVE-2022-37983 CVE-2022-37982
                  CVE-2022-37981 CVE-2022-37980 CVE-2022-37979
                  CVE-2022-37978 CVE-2022-37977 CVE-2022-37976
                  CVE-2022-37975 CVE-2022-37974 CVE-2022-37973
                  CVE-2022-37970 CVE-2022-37965 CVE-2022-35770
                  CVE-2022-34689 CVE-2022-33645 CVE-2022-33635
                  CVE-2022-33634 CVE-2022-30198 CVE-2022-24504
                  CVE-2022-22035  

Comment: CVSS (Max):  8.8 CVE-2022-37976 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of October 2022.
        
        This update resolves 68 vulnerabilities across the following
        product(s): [1]
        
         Windows 10
         Windows 11
         Windows 8.1
         Windows RT 8.1
         Windows Server 2012
         Windows Server 2012 R2
         Windows Server 2016
         Windows Server 2019
         Windows Server 2022


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2022-22035  Remote Code Execution    Critical
         CVE-2022-24504  Remote Code Execution    Critical
         CVE-2022-30198  Remote Code Execution    Critical
         CVE-2022-33634  Remote Code Execution    Critical
         CVE-2022-33635  Remote Code Execution    Important
         CVE-2022-33645  Denial of Service        Important
         CVE-2022-34689  Spoofing                 Critical
         CVE-2022-35770  Spoofing                 Important
         CVE-2022-37965  Denial of Service        Important
         CVE-2022-37970  Elevation of Privilege   Important
         CVE-2022-37973  Denial of Service        Important
         CVE-2022-37974  Information Disclosure   Important
         CVE-2022-37975  Elevation of Privilege   Important
         CVE-2022-37976  Elevation of Privilege   Critical
         CVE-2022-37977  Denial of Service        Important
         CVE-2022-37978  Security Feature Bypass  Important
         CVE-2022-37979  Elevation of Privilege   Critical
         CVE-2022-37980  Elevation of Privilege   Important
         CVE-2022-37981  Denial of Service        Important
         CVE-2022-37982  Remote Code Execution    Important
         CVE-2022-37983  Elevation of Privilege   Important
         CVE-2022-37984  Elevation of Privilege   Important
         CVE-2022-37985  Information Disclosure   Important
         CVE-2022-37986  Elevation of Privilege   Important
         CVE-2022-37987  Elevation of Privilege   Important
         CVE-2022-37988  Elevation of Privilege   Important
         CVE-2022-37989  Elevation of Privilege   Important
         CVE-2022-37990  Elevation of Privilege   Important
         CVE-2022-37991  Elevation of Privilege   Important
         CVE-2022-37993  Elevation of Privilege   Important
         CVE-2022-37994  Elevation of Privilege   Important
         CVE-2022-37995  Elevation of Privilege   Important
         CVE-2022-37996  Information Disclosure   Important
         CVE-2022-37997  Elevation of Privilege   Important
         CVE-2022-37998  Denial of Service        Important
         CVE-2022-37999  Elevation of Privilege   Important
         CVE-2022-38000  Remote Code Execution    Critical
         CVE-2022-38003  Elevation of Privilege   Important
         CVE-2022-38016  Elevation of Privilege   Important
         CVE-2022-38021  Elevation of Privilege   Important
         CVE-2022-38022  Elevation of Privilege   Important
         CVE-2022-38025  Information Disclosure   Important
         CVE-2022-38026  Information Disclosure   Important
         CVE-2022-38027  Elevation of Privilege   Important
         CVE-2022-38028  Elevation of Privilege   Important
         CVE-2022-38029  Elevation of Privilege   Important
         CVE-2022-38030  Information Disclosure   Important
         CVE-2022-38031  Remote Code Execution    Important
         CVE-2022-38032  Security Feature Bypass  Important
         CVE-2022-38033  Information Disclosure   Important
         CVE-2022-38034  Elevation of Privilege   Important
         CVE-2022-38036  Denial of Service        Important
         CVE-2022-38037  Elevation of Privilege   Important
         CVE-2022-38038  Elevation of Privilege   Important
         CVE-2022-38039  Elevation of Privilege   Important
         CVE-2022-38040  Remote Code Execution    Important
         CVE-2022-38041  Denial of Service        Important
         CVE-2022-38042  Elevation of Privilege   Important
         CVE-2022-38043  Information Disclosure   Important
         CVE-2022-38044  Remote Code Execution    Important
         CVE-2022-38045  Elevation of Privilege   Important
         CVE-2022-38046  Information Disclosure   Important
         CVE-2022-38047  Remote Code Execution    Critical
         CVE-2022-38050  Elevation of Privilege   Important
         CVE-2022-38051  Elevation of Privilege   Important
         CVE-2022-41033  Elevation of Privilege   Important
         CVE-2022-41081  Remote Code Execution    Critical


MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles [1].
        
         KB5018410, KB5018411, KB5018418, KB5018419, KB5018421
         KB5018425, KB5018427, KB5018457, KB5018474, KB5018476
         KB5018478
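
        A host-level check against the KB list above, as an added example
        that is not part of the AusCERT bulletin or Microsoft's guidance. It
        assumes Windows PowerShell 3.0 or later with the built-in Get-HotFix
        cmdlet; the function name Get-BulletinKbStatus is hypothetical. The
        bulletin does not map KBs to Windows versions, so at most the KB for
        the host's own OS is expected to match.

```powershell
# KB identifiers copied from the MITIGATION section of this bulletin.
$bulletinKbs = @(
    'KB5018410', 'KB5018411', 'KB5018418', 'KB5018419', 'KB5018421',
    'KB5018425', 'KB5018427', 'KB5018457', 'KB5018474', 'KB5018476',
    'KB5018478'
)

# Hypothetical helper (not a Microsoft cmdlet): pairs each bulletin KB with
# whether it appears in the list of installed hotfix IDs.
function Get-BulletinKbStatus {
    param(
        [string[]] $KbList,
        [string[]] $InstalledIds
    )
    foreach ($kb in $KbList) {
        [pscustomobject]@{
            KB        = $kb
            Installed = $InstalledIds -contains $kb   # case-insensitive match
        }
    }
}

# Get-HotFix returns the updates the OS reports as installed. Enumerate once
# and filter locally: asking Get-HotFix for an absent -Id raises an error.
$installed = @(Get-HotFix | Select-Object -ExpandProperty HotFixID)

$status = Get-BulletinKbStatus -KbList $bulletinKbs -InstalledIds $installed
$status | Format-Table -AutoSize

# No match does not prove the host is unpatched: a newer update that replaces
# the October 2022 one carries a different KB number and will not match here.
if (-not ($status | Where-Object Installed)) {
    $os = (Get-CimInstance Win32_OperatingSystem).Caption
    Write-Warning ("None of the ASB-2022.0193 KBs found on {0} ({1}). " +
        "Check for a newer update before treating the host as unpatched." -f
        $env:COMPUTERNAME, $os)
}
```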


REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================