Microsoft’s November 2022 Patch Tuesday Fixes 6 Actively Exploited Zero-Day Vulnerabilities

Microsoft released its latest monthly security update, addressing 68 vulnerabilities that impact several products in its portfolio. The batch includes fixes for 11 issues marked as Critical, 55 as Important, and 2 OpenSSL vulnerabilities flagged as High severity.

The most severe flaws consist of code injection, elevation of privilege, denial of service (DoS) and remote code execution vulnerabilities affecting products such as Azure, Microsoft Exchange Server, Hyper-V, Kerberos, and Windows’ Point-to-Point Tunneling (PPTP) protocol.

November’s Patch Tuesday provides fixes for two high-severity OpenSSL vulnerabilities that could lead to crashes, facilitate remote code execution, or allow attackers to cause Denial of Service via buffer overrun.

A crucial part of this month’s security updates consists of patches for six actively exploited zero-day vulnerabilities, one of which was publicly disclosed. The now-patched zero-days are:

• CVE-2022-41040(Microsoft Exchange Server Elevation of Privilege Vulnerability) –Server-side request forgery (SSRF) vulnerability, allows remote code execution (RCE)
• CVE-2022-41073(Windows Print Spooler Elevation of Privilege Vulnerability) – Elevation of Privilege (EoP) vulnerability, could let attackers gain SYSTEM privileges on compromised devices
• CVE-2022-41082(Microsoft Exchange Server Remote Code Execution Vulnerability) –Allows remote code execution (RCE) if the attacker can access Exchange PowerShell
• CVE-2022-41091(Windows Mark of the Web Security Feature Bypass Vulnerability) –Attackers could bypass Windows “Mark of the Web” (MOTW) security feature by crafting a malicious file
• CVE-2022-41125(Windows CNG Key Isolation Service Elevation of Privilege Vulnerability) –Exploiting this vulnerability would grant attackers SYSTEM privileges on compromised devices
• CVE-2022-41128(Windows Scripting Languages Remote Code Execution Vulnerability) –Affecting the JScript9 scripting language, this vulnerability could let attackers perform remote code execution; it requires user interaction, in the form of the victim visiting a malicious server

Microsoft recommends prioritizing the latest security updates to prevent attackers from exploiting the vulnerabilities addressed. While most systems should install the updates automatically, you could also perform a manual check and apply any recommended patches.

Trustworthy security software such as Bitdefender Ultimate Security can also protect you against zero-day exploits and other types of cyberthreats with features like:

• Vulnerability assessment module that scans for potentially unsafe systems settings, vulnerable software and missing Windows security patches and suggests the best fix
• Continuous, all-around protection against worms, viruses, Trojans, ransomware, zero-day exploits, rootkits, spyware, ransomware and other types of e-threats
• Network threat prevention technology that detects suspicious network-level activities and blocks them before they could harm your system
• Advanced threat defense module that thoroughly scans active apps and blocks any suspicious activity