Service Notices
Microsoft Releases November 2022 Security Updates
Nov 11, 2022 GMT+08:00
I. Overview
Microsoft has released its November 2022 security updates. A total of 65 security vulnerabilities have been disclosed, among which 10 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to perform remote code execution, escalate privileges, and leak sensitive information. The affected applications include Microsoft Windows, Microsoft Office, Microsoft Visual Studio and Microsoft Exchange Server.
For details, visit the official Microsoft website:
https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov
The following vulnerabilities have been exploited by attackers:
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability (CVE-2022-41125): Authenticated attackers can exploit this vulnerability to escalate their privileges to SYSTEM. This vulnerability has been exploited in the wild and the risk is high.
Windows Print Spooler Elevation of Privilege Vulnerability (CVE-2022-41073): Authenticated attackers can exploit this vulnerability to escalate their privileges to SYSTEM. This vulnerability has been exploited in the wild and the risk is high.
Windows Mark of the Web Security Feature Bypass Vulnerability (CVE-2022-41091): An attacker can lure a user into clicking a malicious link. When the user clicks the link, the Mark of the Web protection is bypassed. The vulnerability details have been disclosed and the vulnerability has been exploited in the wild. The risk is high.
Windows Scripting Languages Remote Code Execution Vulnerability (CVE-2022-41128): To trigger this vulnerability, an attacker would lure a user into accessing a specially crafted server, which enables arbitrary code execution. This vulnerability is being widely exploited and the risk is high.
17 vulnerabilities (such as CVE-2022-41080 and CVE-2022-38023) are officially marked as Exploitation More Likely. For details, see the official announcement. Please perform a security self-check and security hardening in a timely manner to reduce attack risks.
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Office, Microsoft Visual Studio and Microsoft Exchange Server.
IV. Vulnerability Details
| CVE No. | Vulnerability | Severity | Affected Product |
| --- | --- | --- | --- |
| CVE-2022-41088 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Important | Windows 10, Windows 8.1/RT 8.1, Windows 11, Windows Server 2012/2012R/2016/2019/2022 |
| CVE-2022-41128 | Windows Scripting Languages Remote Code Execution Vulnerability | Important | Windows 10, Windows 8.1/RT 8.1, Windows 11, Windows 7, Windows Server 2008R/2012/2012R/2016/2019/2022 |
| CVE-2022-38015 | Windows Hyper-V Denial of Service Vulnerability | Important | Windows 10, Windows 11, Windows Server 2016/2019/2022 |
| CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability | Important | Windows Server 2008/2008R/2012/2012R/2016/2019/2022 |
| CVE-2022-41039 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Important | Windows 10, Windows 8.1/RT 8.1, Windows 11, Windows 7, Windows Server 2008R/2012/2012R/2016/2019/2022 |
| CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | Important | Windows Server 2008/2008R/2012/2012R/2016/2019/2022 |
| CVE-2022-41080 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | Microsoft Exchange Server 2013/2016/2019 |
| CVE-2022-41118 | Windows Scripting Languages Remote Code Execution Vulnerability | Important | Windows 10, Windows 8.1/RT 8.1, Windows 11, Windows 7, Windows Server 2008R/2012R/2016/2019/2022 |
| CVE-2022-41044 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Important | Windows 7, Windows Server 2008/2008R |
| CVE-2022-39327 | Azure CLI Code Injection Vulnerability | Important | Azure CLI |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://msrc.microsoft.com/update-guide
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.