TRY NOW
Patch Tuesday

Microsoft Patch Tuesday – October 2022

7 min. read
11/10/2022
By Esben Dochy
Microsoft-Patch-Tuesday-May-2022

Patch Tuesday is once again upon us. The October 2022 edition of Patch Tuesday brings us 89 fixes, with 13 rated as critical. We’ve listed the most important changes below.

⚡ TL;DR | Go Straight to the October 2022 Patch Tuesday Audit Report

Microsoft SharePoint Server RCE Vulnerability

One of the most critical vulnerabilities is in Sharepoint. CVE-2022-41038 received a CVSS base score of 8.8. Luckily, an attacker must both be authenticated to the target site and also have permission to access and use the Manage List within Sharepoint. The exploitation of this vulnerability could allow attackers to execute code remotely on your SharePoint servers.

Microsoft lists that luckily the vulnerability is not being actively exploited yet, but stresses that exploitation is likely, so best to update your SharePoint servers as soon as possible.

Additionally, three less severe vulnerabilities were also fixed for SharePoint. CVE-2022-41037, CVE-2022-41036, and CVE-2022-38053 are all three RCE vulnerabilities with a CVSS score of 8.8. However, Microsoft doesn’t rate them as critical.

Windows Point-to-Point Tunneling Protocol RCE

A staggering 7 of the critical vulnerabilities are in the Windows point-to-point tunneling protocol. All received a CVSS base score of 8.1.

Microsofts comments that for an attacker to exploit the vulnerability, they would need to send a specially crafted malicious PPTP packet to a PPTP server. If successful attackers are able to remotely execute code on the target machine.

Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability

The last major vulnerability is in the cluster connect feature of Azure Arc-enabled Kubernetes clusters. Because the Azure Stack Edge allows users to deploy Kubernetes workloads on devices via Azure Arc, Azure Stack Edge devices are also deemed as vulnerable.

CVE-2022-37968 received a max CVSS base score of 10, and while Microsoft doesn’t list exploitability as likely, the ease of exploitation does make it a high priority if you’re using the cluster connect feature. Microsoft added additional guidance in their security center.

“An attacker who knows the randomly generated external DNS endpoint for an Azure Arc-enabled Kubernetes cluster can exploit this vulnerability from the internet. Successful exploitation of this vulnerability, which affects the cluster connect feature of Azure Arc-enabled Kubernetes clusters, allows an unauthenticated user to elevate their privileges as cluster admins and potentially gain control over the Kubernetes cluster.”

Microsoft

Run the Patch Tuesday October 2022 Audit Report

To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday October 2022 CVE Codes & Titles

CVE NumberCVE Title
CVE-2022-41083Visual Studio Code Elevation of Privilege Vulnerability
CVE-2022-41081Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41043Microsoft Office Information Disclosure Vulnerability
CVE-2022-41042Visual Studio Code Information Disclosure Vulnerability
CVE-2022-41038Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-41037Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-41036Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-41034Visual Studio Code Remote Code Execution Vulnerability
CVE-2022-41033Windows COM+ Event System Service Elevation of Privilege Vulnerability
CVE-2022-41032NuGet Client Elevation of Privilege Vulnerability
CVE-2022-41031Microsoft Word Remote Code Execution Vulnerability
CVE-2022-38053Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38051Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-38050Win32k Elevation of Privilege Vulnerability
CVE-2022-38049Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2022-38048Microsoft Office Remote Code Execution Vulnerability
CVE-2022-38047Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-38046Web Account Manager Information Disclosure Vulnerability
CVE-2022-38045Server Service Remote Protocol Elevation of Privilege Vulnerability
CVE-2022-38044Windows CD-ROM File System Driver Remote Code Execution Vulnerability
CVE-2022-38043Windows Security Support Provider Interface Information Disclosure Vulnerability
CVE-2022-38042Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2022-38041Windows Secure Channel Denial of Service Vulnerability
CVE-2022-38040Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-38039Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38038Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38037Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38036Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
CVE-2022-38034Windows Workstation Service Elevation of Privilege Vulnerability
CVE-2022-38033Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability
CVE-2022-38032Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
CVE-2022-38031Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-38030Windows USB Serial Driver Information Disclosure Vulnerability
CVE-2022-38029Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-38028Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-38027Windows Storage Elevation of Privilege Vulnerability
CVE-2022-38026Windows DHCP Client Information Disclosure Vulnerability
CVE-2022-38025Windows Distributed File System (DFS) Information Disclosure Vulnerability
CVE-2022-38022Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38021Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
CVE-2022-38017StorSimple 8000 Series Elevation of Privilege Vulnerability
CVE-2022-38016Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2022-38003Windows Resilient File System Elevation of Privilege
CVE-2022-38001Microsoft Office Spoofing Vulnerability
CVE-2022-38000Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-37999Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37998Windows Local Session Manager (LSM) Denial of Service Vulnerability
CVE-2022-37997Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-37996Windows Kernel Memory Information Disclosure Vulnerability
CVE-2022-37995Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37994Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37993Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37991Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37990Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37989Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-37988Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37987Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-37986Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-37985Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-37984Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2022-37983Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-37982Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-37981Windows Event Logging Service Denial of Service Vulnerability
CVE-2022-37980Windows DHCP Client Elevation of Privilege Vulnerability
CVE-2022-37979Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-37978Windows Active Directory Certificate Services Security Feature Bypass
CVE-2022-37977Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
CVE-2022-37976Active Directory Certificate Services Elevation of Privilege Vulnerability
CVE-2022-37975Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-37974Windows Mixed Reality Developer Tools Information Disclosure Vulnerability
CVE-2022-37973Windows Local Session Manager (LSM) Denial of Service Vulnerability
CVE-2022-37971Microsoft Windows Defender Elevation of Privilege Vulnerability
CVE-2022-37970Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-37968Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability
CVE-2022-37965Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-35829Service Fabric Explorer Spoofing Vulnerability
CVE-2022-35770Windows NTLM Spoofing Vulnerability
CVE-2022-34689Windows CryptoAPI Spoofing Vulnerability
CVE-2022-33645Windows TCP/IP Driver Denial of Service Vulnerability
CVE-2022-33635Windows GDI+ Remote Code Execution Vulnerability
CVE-2022-33634Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-30198Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-30134Microsoft Exchange Information Disclosure Vulnerability
CVE-2022-24516Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-24504Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-24477Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-22035Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-21980Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-21979Microsoft Exchange Information Disclosure Vulnerability

Receive the Latest Patch Tuesday Report for FREE Every Month

"*" indicates required fields

This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is for validation purposes and should be left unchanged.

NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.