One Article Review
| Source |  Fortinet ThreatSignal |
|---|---|
| Identifiant | 7007580 |
| Date de publication | 2022-09-19 16:41:06 (vue: 2022-09-20 00:06:06) |
| Titre | Microsoft Patch Tuesday Fixed Vulnerability (CVE-2022-34718) More Likely To Be Exploited |
| Texte | Microsoft has released 63 security patches for this month's September 2022 release. One of the fixes is for CVE-2022-34718 (Windows TCP/IP Remote Code Execution Vulnerability). Rated critical and deemed "exploitation more likely" by Microsoft, successful exploitation of the vulnerability allows a remote unauthenticated attacker o run code on the vulnerable machine. This has a CVSS score of 9.8.Why is this Significant?This is significant because CVE-2022-34718 ((Windows TCP/IP Remote Code Execution Vulnerability) is a remote code execution vulnerability that is considered "exploitation more likely" by Microsoft as such a fix should be applied as soon as possible. This has a CVSS score of 9.8 out of 10 and is rated critical by Microsoft.Systems with the IPSec service is running are vulnerable to CVE-2022-34718. Systems with IPv6 disabled are not affected. Is CVE-2022-34718 being Exploited in the Wild?No, the vulnerability has not been observed nor reported as being exploited in the wild.Is there Any Other Vulnerability in the September Patch Tuesday that Requires Attention?Microsoft also released a patch for a local privilege escalation vulnerability that affects Windows Common Log File System Driver (CVE-2022-37969). Exploitation of this vulnerability does not require any user interaction; however an attacker needs to have access to the target's system to carry out the attack. This has a CVSS score of 7.8 and is rated important.Is CVE-2022-37969 being Exploited in the Wild?According to the advisory released by Microsoft, CVE-2022-37969 was exploited as a zero-day as such a fix should be applied as soon as possible.Has Microsoft Released a Patch for CVE-2022-34718 and CVE-2022-37969?Yes, Microsoft has released a patch for CVE-2022-34718 and CVE-2022-37969 on September 13th, 2022 as part of regular MS Tuesday for the month.What is the Status of Coverage?FortiGuard Labs has released the following IPS signature in response to CVE-2022-34718 (available from version 22.393):MS.Windows.TCP.IP.CVE-2022-34718.Remote.Code.Execution (default action set to "pass")Currently there is no sufficient information available for CVE-2022-37969 that allows FortiGuard Labs to develop coverage. We are monitoring the situation and will investigate coverage when information becomes available. |
| Envoyé | Oui |
| Condensat | 13th 2022 34718 37969 393 :ms access according action advisory affected affects allows also any applied are attack attacker attention available because becomes been being carry code common considered coverage critical currently cve cvss day deemed default develop disabled does driver escalation execution exploitation exploited file fix fixed fixes following fortiguard from has have however important information interaction; investigate ips ipsec ipv6 labs likely local log machine microsoft monitoring month more needs nor not observed one other out part pass patch patches possible privilege rated regular release released remote reported require requires response run running score security september service set should signature significant situation soon status successful such sufficient system systems target tcp tcp/ip tuesday unauthenticated user version vulnerability vulnerable what when why wild will windows zero |
| Tags | Vulnerability |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.