Patch Tuesday is once again upon us. The November 2022 edition of Patch Tuesday brings us 82 fixes, with 10 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the November 2022 Patch Tuesday Audit Report
Microsoft Exchange Server Vulnerabilities
Exchange is back on the menu this month. CVE-2022-41080 is the most severe of the six Exchange vulnerabilities fixed. It got a CVSS base score of 8.8 and has been identified to be the most likely out of the Exchange vulnerabilities to be exploited.
In addition, there are another five Exchange server vulnerabilities that got fixed with slightly lower CVSS scores (7.8-8.8).
The last few months Exchange has seen a flurry of vulnerabilities get disclosed and fixed, quickly becoming one of the most watched items by IT administrators when Microsoft publishes its monthly patches.
Windows Scripting Languages RCE
The most severe vulnerability this month is a remote code execution in the Windows Scripting Languages, specifically the JScript9 scripting language. While it doesn’t have the highest CVSS score at 8.8, Microsoft has shared that this CVE-2022-41128 has been exploited already. For a successful exploitation, an attacker would need to entice a user to visit a specific server share or website.
A second vulnerability in JScript9 and Chakra scripting has also been fixed. CVE-2022-41118 received a CVSS base score of 7.5 and isn’t as critical since no exploit has been detected.
Run the Patch Tuesday November 2022 Audit
To help manage your update progress, we’ve created the Patch Tuesday Audit that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday November 2022 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2022-41128 | Windows Scripting Languages Remote Code Execution Vulnerability |
CVE-2022-41125 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
CVE-2022-41123 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-41122 | Microsoft SharePoint Server Spoofing Vulnerability |
CVE-2022-41120 | Microsoft Windows Sysmon Elevation of Privilege Vulnerability |
CVE-2022-41119 | Visual Studio Remote Code Execution Vulnerability |
CVE-2022-41118 | Windows Scripting Languages Remote Code Execution Vulnerability |
CVE-2022-41116 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability |
CVE-2022-41114 | Windows Bind Filter Driver Elevation of Privilege Vulnerability |
CVE-2022-41113 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
CVE-2022-41109 | Windows Win32k Elevation of Privilege Vulnerability |
CVE-2022-41107 | Microsoft Office Graphics Remote Code Execution Vulnerability |
CVE-2022-41106 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-41105 | Microsoft Excel Information Disclosure Vulnerability |
CVE-2022-41104 | Microsoft Excel Security Feature Bypass Vulnerability |
CVE-2022-41103 | Microsoft Word Information Disclosure Vulnerability |
CVE-2022-41102 | Windows Overlay Filter Elevation of Privilege Vulnerability |
CVE-2022-41101 | Windows Overlay Filter Elevation of Privilege Vulnerability |
CVE-2022-41100 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
CVE-2022-41099 | BitLocker Security Feature Bypass Vulnerability |
CVE-2022-41098 | Windows GDI+ Information Disclosure Vulnerability |
CVE-2022-41097 | Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability |
CVE-2022-41096 | Microsoft DWM Core Library Elevation of Privilege Vulnerability |
CVE-2022-41095 | Windows Digital Media Receiver Elevation of Privilege Vulnerability |
CVE-2022-41093 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
CVE-2022-41092 | Windows Win32k Elevation of Privilege Vulnerability |
CVE-2022-41091 | Windows Mark of the Web Security Feature Bypass Vulnerability |
CVE-2022-41090 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability |
CVE-2022-41088 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2022-41086 | Windows Group Policy Elevation of Privilege Vulnerability |
CVE-2022-41085 | Azure CycleCloud Elevation of Privilege Vulnerability |
CVE-2022-41082 | Microsoft Exchange Server Remote Code Execution Vulnerability |
CVE-2022-41080 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-41079 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2022-41078 | Microsoft Exchange Server Spoofing Vulnerability |
CVE-2022-41073 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2022-41066 | Microsoft Business Central Information Disclosure Vulnerability |
CVE-2022-41064 | .NET Framework Information Disclosure Vulnerability |
CVE-2022-41063 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-41062 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2022-41061 | Microsoft Word Remote Code Execution Vulnerability |
CVE-2022-41060 | Microsoft Word Information Disclosure Vulnerability |
CVE-2022-41058 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
CVE-2022-41057 | Windows HTTP.sys Elevation of Privilege Vulnerability |
CVE-2022-41056 | Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability |
CVE-2022-41055 | Windows Human Interface Device Information Disclosure Vulnerability |
CVE-2022-41054 | Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
CVE-2022-41053 | Windows Kerberos Denial of Service Vulnerability |
CVE-2022-41052 | Windows Graphics Component Remote Code Execution Vulnerability |
CVE-2022-41051 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-41050 | Windows Extensible File Allocation Table Elevation of Privilege Vulnerability |
CVE-2022-41049 | Windows Mark of the Web Security Feature Bypass Vulnerability |
CVE-2022-41048 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2022-41047 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2022-41045 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
CVE-2022-41044 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2022-41040 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-41039 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
CVE-2022-41035 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
CVE-2022-39327 | GitHub: CVE-2022-39327 Improper Control of Generation of Code (‘Code Injection’) in Azure CLI |
CVE-2022-39253 | GitHub: CVE-2022-39253 Local clone optimization dereferences symbolic links by default |
CVE-2022-38046 | Web Account Manager Information Disclosure Vulnerability |
CVE-2022-38045 | Windows Server Service Elevation of Privilege Vulnerability |
CVE-2022-38043 | Windows Security Support Provider Interface Information Disclosure Vulnerability |
CVE-2022-38034 | Windows Workstation Service Elevation of Privilege Vulnerability |
CVE-2022-38023 | Netlogon RPC Elevation of Privilege Vulnerability |
CVE-2022-38022 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2022-38015 | Windows Hyper-V Denial of Service Vulnerability |
CVE-2022-38014 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability |
CVE-2022-37992 | Windows Group Policy Elevation of Privilege Vulnerability |
CVE-2022-37975 | Windows Group Policy Elevation of Privilege Vulnerability |
CVE-2022-37973 | Windows Local Session Manager (LSM) Denial of Service Vulnerability |
CVE-2022-37972 | Microsoft Endpoint Configuration Manager Spoofing Vulnerability |
CVE-2022-37967 | Windows Kerberos Elevation of Privilege Vulnerability |
CVE-2022-37966 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability |
CVE-2022-35837 | Windows Graphics Component Information Disclosure Vulnerability |
CVE-2022-35823 | Microsoft SharePoint Remote Code Execution Vulnerability |
CVE-2022-34734 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2022-34732 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2022-34730 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
CVE-2022-23824 | AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions |
ADV220003 | Microsoft Defense in Depth Update |
"*" señala los campos obligatorios
Receive the Latest Patch Tuesday Report for FREE Every Month