The September Microsoft Patch Tuesday has arrived, addressing a total of 63 vulnerabilities, a significant decrease from the 121 seen last month. Only 5 have been scored as critical with 2 publicly disclosed and 1 being exploited in the wild.
September's instalment includes patches for some key services such as:
This important vulnerability has been publicly disclosed and has been seen in the wild. With a CVSS of 7.8, successful exploitation of this vulnerability would allow an attacker to gain system privileges. Some measures need to be met before this can occur; an attacker would need access to the target system and the ability to run code upon it before this can be exploited.
Known as Spectre-BHB, this vulnerability affects Windows 11 for ARM64-based Systems and is the second publicly disclosed vulnerability this month. Known since March 2022 to researchers, the exploitation can cause speculation caused by mispredicted branches that can be used to cause cache allocation, which can then be used to infer information that should not be accessible.
Scoring a worrying CVSS of 9.8 this critical remote code execution vulnerability in the Windows TCP/IP service could allow an unauthenticated attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine. As this vulnerability can be exploited over a network without any authentication it has the potential to be wormable. This means malware can exploit this vulnerability and it does not require human interaction to spread its attack surface to another vulnerable system. Luckily, only systems with the IPSec service running and IPv6 enabled are vulnerable to this attack.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://msrc.microsoft.com/update-guide/releaseNote/2022-Sep
Security update guide: https://msrc.microsoft.com/update-guide/
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
