Microsoft has released 63 security patches for this month’s September 2022 release. One of the fixes is for CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability). Rated critical and deemed “exploitation more likely” by Microsoft, successful exploitation of the vulnerability allows a remote unauthenticated attacker o run code on the vulnerable machine. This has a CVSS score of 9.8.Why is this Significant?This is significant because CVE-2022-34718 ((Windows TCP/IP Remote Code Execution Vulnerability) is a remote code execution vulnerability that is considered “exploitation more likely” by Microsoft as such a fix should be applied as soon as possible. This has a CVSS score of 9.8 out of 10 and is rated critical by Microsoft.Systems with the IPSec service is running are vulnerable to CVE-2022-34718. Systems with IPv6 disabled are not affected. Is CVE-2022-34718 being Exploited in the Wild?No, the vulnerability has not been observed nor reported as being exploited in the wild.Is there Any Other Vulnerability in the September Patch Tuesday that Requires Attention?Microsoft also released a patch for a local privilege escalation vulnerability that affects Windows Common Log File System Driver (CVE-2022-37969). Exploitation of this vulnerability does not require any user interaction; however an attacker needs to have access to the target’s system to carry out the attack. This has a CVSS score of 7.8 and is rated important.Is CVE-2022-37969 being Exploited in the Wild?According to the advisory released by Microsoft, CVE-2022-37969 was exploited as a zero-day as such a fix should be applied as soon as possible.Has Microsoft Released a Patch for CVE-2022-34718 and CVE-2022-37969?Yes, Microsoft has released a patch for CVE-2022-34718 and CVE-2022-37969 on September 13th, 2022 as part of regular MS Tuesday for the month.What is the Status of Coverage?FortiGuard Labs has released the following IPS signature in response to CVE-2022-34718 (available from version 22.393):MS.Windows.TCP.IP.CVE-2022-34718.Remote.Code.Execution (default action set to “pass”)Currently there is no sufficient information available for CVE-2022-37969 that allows FortiGuard Labs to develop coverage. We are monitoring the situation and will investigate coverage when information becomes available.
More Stories
USN-7028-1: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...
python-zipp-0.5.1-4.el8
FEDORA-EPEL-2024-d7489f4064 Packages in this update: python-zipp-0.5.1-4.el8 Update description: Security fix for CVE-2024-5569 (rhbz#2297119) Read More
USN-7020-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7007-2: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...
USN-6992-2: Firefox regressions
USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...