VERT Threat Alert: September 2022 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s September 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1021 on Wednesday, September 14th.
In-The-Wild & Disclosed CVEs
The first disclosed vulnerability this month is Spectre-BHB that is discussed in great detail on arm Developer. The Microsoft update for this vulnerability only applies to Windows 11 for ARM64-based systems. It is likely that impacted systems are not widely deployed across most organizations.
A vulnerability in the Windows Common Log File System (CLFS) Driver allows for SYSTEM level code execution when successfully exploited on a system. This local vulnerability has already seen exploitation in-the-wild and was jointly reported by a number of organizations. The update for this vulnerability should be applied as soon as possible due to the active exploitation that is ongoing.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also color coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed are listed in red
| Tag | CVE Count | CVEs | |
| Windows IKE Extension | 3 | CVE-2022-34720, CVE-2022-34721, CVE-2022-34722 | |
| HTTP.sys | 1 | CVE-2022-35838 | |
| Windows Group Policy | 1 | CVE-2022-37955 | |
| Windows DPAPI (Data Protection Application Programming Interface) | 1 | CVE-2022-34723 | |
|
1 | CVE-2022-35841 | |
| Windows Common Log File System Driver | 2 | CVE-2022-35803, CVE-2022-37969 | |
| Cache Speculation | 1 | CVE-2022-23960 | |
| Microsoft Office SharePoint | 4 | CVE-2022-35823, CVE-2022-38008, CVE-2022-38009, CVE-2022-37961 | |
| Azure Arc | 1 | CVE-2022-38007 | |
| Visual Studio Code | 1 | CVE-2022-38020 | |
| Windows Photo Import API | 1 | CVE-2022-26928 | |
| Microsoft Office Visio | 2 | CVE-2022-38010, CVE-2022-37963 | |
| Microsoft Graphics Component | 5 | CVE-2022-35837, CVE-2022-34728, CVE-2022-34729, CVE-2022-37954, CVE-2022-38006 | |
| SPNEGO Extended Negotiation | 1 | CVE-2022-37958 | |
| Windows Event Tracing | 1 | CVE-2022-35832 | |
| Windows Kernel | (Read more...) |
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tyler Reguly. Read the original post at: https://www.tripwire.com/state-of-security/vert/vert-news/vert-threat-alert-september-2022-patch-tuesday-analysis/
