Patch Tuesday is once again upon us. The September 2022 edition of Patch Tuesday brings us 63 fixes, with 5 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the September 2022 Patch Tuesday Audit Report
Windows TCP/IP Remote Code Execution Vulnerability
Of the 5 critical vulnerabilities fixed in this Patch Tuesday, only one is more likely to be exploited. CVE-2022-34718 is a remote code execution vulnerability that received a CVSS score of 9.8. When exploited it would allow an unauthenticated attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled. This in turn could enable a remote code execution exploitation on that machine. However, this also means that only systems with the IPSec service running would be vulnerable to this attack.
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
Two of the critical vulnerabilities CVE-2022-34721 and CVE-2022-34722 are remote code execution vulnerabilities in the Windows Internet Key Exchange (IKE) protocol. More specifically, IKEv1. IKEv2 is not impacted. All Windows Servers are affected though because they accept both V1 and V2 packets. While these vulnerabilities are less likely to be exploited, they still received a CVSS score of 9.8 and should be addressed as soon as possible.
Just like with the vulnerability above, these vulnerabilities could allow an unauthenticated attacker to send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation.
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
The final two critical vulnerabilities that were addressed in this Patch Tuesday are a set of remote code execution vulnerabilities that affect the on-premises version of the Microsoft Dynamics CRM. CVE-2022-34700 and CVE-2022-35805 both received a CVSS score of 8.8, but they are once again less likely to be exploited.
These vulnerabilities would allow an authenticated user to run a specially crafted trusted solution package to execute arbitrary SQL commands. From there they would be able to escalate and execute commands as db_owner within their Dynamics 365 database. The fact that the user must be authenticated makes it harder to exploit these vulnerabilities.
Run the Patch Tuesday September 2022 Audit Report
To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday September 2022 CVE Codes & Titles
| CVE Number | CVE Title |
| CVE-2022-38020 | Visual Studio Code Elevation of Privilege Vulnerability |
| CVE-2022-38019 | AV1 Video Extension Remote Code Execution Vulnerability |
| CVE-2022-38013 | .NET Core and Visual Studio Denial of Service Vulnerability |
| CVE-2022-38011 | Raw Image Extension Remote Code Execution Vulnerability |
| CVE-2022-38010 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-38009 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-38008 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-38007 | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability |
| CVE-2022-38006 | Windows Graphics Component Information Disclosure Vulnerability |
| CVE-2022-38005 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-38004 | Windows Fax Service Remote Code Execution Vulnerability |
| CVE-2022-37969 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2022-37964 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2022-37963 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-37962 | Microsoft PowerPoint Remote Code Execution Vulnerability |
| CVE-2022-37961 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-37959 | Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability |
| CVE-2022-37958 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability |
| CVE-2022-37957 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2022-37956 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2022-37955 | Windows Group Policy Elevation of Privilege Vulnerability |
| CVE-2022-37954 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2022-35841 | Windows Enterprise App Management Service Remote Code Execution Vulnerability |
| CVE-2022-35840 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2022-35838 | HTTP V3 Denial of Service Vulnerability |
| CVE-2022-35837 | Windows Graphics Component Information Disclosure Vulnerability |
| CVE-2022-35836 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2022-35835 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2022-35834 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2022-35833 | Windows Secure Channel Denial of Service Vulnerability |
| CVE-2022-35832 | Windows Event Tracing Denial of Service Vulnerability |
| CVE-2022-35831 | Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| CVE-2022-35830 | Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| CVE-2022-35828 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability |
| CVE-2022-35823 | Microsoft SharePoint Remote Code Execution Vulnerability |
| CVE-2022-35805 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability |
| CVE-2022-35803 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2022-34734 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2022-34733 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2022-34732 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2022-34731 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2022-34730 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2022-34729 | Windows GDI Elevation of Privilege Vulnerability |
| CVE-2022-34728 | Windows Graphics Component Information Disclosure Vulnerability |
| CVE-2022-34727 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2022-34726 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2022-34725 | Windows ALPC Elevation of Privilege Vulnerability |
| CVE-2022-34724 | Windows DNS Server Denial of Service Vulnerability |
| CVE-2022-34723 | Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability |
| CVE-2022-34722 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability |
| CVE-2022-34721 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability |
| CVE-2022-34720 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability |
| CVE-2022-34719 | Windows Distributed File System (DFS) Elevation of Privilege Vulnerability |
| CVE-2022-34718 | Windows TCP/IP Remote Code Execution Vulnerability |
| CVE-2022-34700 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability |
| CVE-2022-33679 | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2022-33647 | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2022-30200 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
| CVE-2022-30196 | Windows Secure Channel Denial of Service Vulnerability |
| CVE-2022-30170 | Windows Credential Roaming Service Elevation of Privilege Vulnerability |
| CVE-2022-26929 | .NET Framework Remote Code Execution Vulnerability |
| CVE-2022-26928 | Windows Photo Import API Elevation of Privilege Vulnerability |
| CVE-2022-23960 | Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability |
"*" indicates required fields
Receive the Latest Patch Tuesday Report for FREE Every Month
