Patch Tuesday – December 2022

Post Syndicated from Greg Wiseman original https://blog.rapid7.com/2022/12/13/patch-tuesday-december-2022/

Patch Tuesday - December 2022

As far as Patch Tuesdays go, defenders have a relatively light month to close out the year with only 48 CVEs being published by Microsoft today. (This does not include the 24 previously disclosed vulnerabilities affecting their Chromium-based Edge browser.)

There are two zero-days in the mix today. CVE-2022-44698 is a bypass of the Windows SmartScreen security feature, and has been seen exploited in the wild. It allows attackers to craft documents that won’t get tagged with Microsoft’s “Mark of the Web” despite being downloaded from untrusted sites. This means no Protected View for Microsoft Office documents, making it easier to get users to do sketchy things like execute malicious macros. Publicly disclosed, but not seen actively exploited, is CVE-2022-44710. It’s a classic elevation of privilege vulnerability affecting the DirectX graphics kernel on Windows 11 22H2 systems.

Administrators for SharePoint and Microsoft Dynamics deployments should be aware of Critical Remote Code Execution (RCE) vulnerabilities that need to be patched. Other Critical RCEs this month affect the Windows Secure Socket Tunneling Protocol (CVE-2022-44676 and CVE-2022-44670), .NET Framework (CVE-2022-41089), and PowerShell (CVE-2022-41076).

Happy holidays, and may your patching be merry and bright!

Summary charts

Patch Tuesday - December 2022
Patch Tuesday - December 2022
Patch Tuesday - December 2022
Patch Tuesday - December 2022

Summary tables

Apps vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44702 Windows Terminal Remote Code Execution Vulnerability No No 7.8
CVE-2022-24480 Outlook for Android Elevation of Privilege Vulnerability No No 6.3

Azure vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44699 Azure Network Watcher Agent Security Feature Bypass Vulnerability No No 5.5

Browser vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44708 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability No No 8.3
CVE-2022-41115 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability No No 6.6
CVE-2022-44688 Microsoft Edge (Chromium-based) Spoofing Vulnerability No No 4.3
CVE-2022-4195 Chromium: CVE-2022-4195 Insufficient policy enforcement in Safe Browsing No No N/A
CVE-2022-4194 Chromium: CVE-2022-4194 Use after free in Accessibility No No N/A
CVE-2022-4193 Chromium: CVE-2022-4193 Insufficient policy enforcement in File System API No No N/A
CVE-2022-4192 Chromium: CVE-2022-4192 Use after free in Live Caption No No N/A
CVE-2022-4191 Chromium: CVE-2022-4191 Use after free in Sign-In No No N/A
CVE-2022-4190 Chromium: CVE-2022-4190 Insufficient data validation in Directory No No N/A
CVE-2022-4189 Chromium: CVE-2022-4189 Insufficient policy enforcement in DevTools No No N/A
CVE-2022-4188 Chromium: CVE-2022-4188 Insufficient validation of untrusted input in CORS No No N/A
CVE-2022-4187 Chromium: CVE-2022-4187 Insufficient policy enforcement in DevTools No No N/A
CVE-2022-4186 Chromium: CVE-2022-4186 Insufficient validation of untrusted input in Downloads No No N/A
CVE-2022-4185 Chromium: CVE-2022-4185 Inappropriate implementation in Navigation No No N/A
CVE-2022-4184 Chromium: CVE-2022-4184 Insufficient policy enforcement in Autofill No No N/A
CVE-2022-4183 Chromium: CVE-2022-4183 Insufficient policy enforcement in Popup Blocker No No N/A
CVE-2022-4182 Chromium: CVE-2022-4182 Inappropriate implementation in Fenced Frames No No N/A
CVE-2022-4181 Chromium: CVE-2022-4181 Use after free in Forms No No N/A
CVE-2022-4180 Chromium: CVE-2022-4180 Use after free in Mojo No No N/A
CVE-2022-4179 Chromium: CVE-2022-4179 Use after free in Audio No No N/A
CVE-2022-4178 Chromium: CVE-2022-4178 Use after free in Mojo No No N/A
CVE-2022-4177 Chromium: CVE-2022-4177 Use after free in Extensions No No N/A
CVE-2022-4175 Chromium: CVE-2022-4175 Use after free in Camera Capture No No N/A
CVE-2022-4174 Chromium: CVE-2022-4174 Type Confusion in V8 No No N/A

Developer Tools vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-41089 .NET Framework Remote Code Execution Vulnerability No No 8.8
CVE-2022-44704 Microsoft Windows Sysmon Elevation of Privilege Vulnerability No No 7.8

Developer Tools Windows ESU vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-41076 PowerShell Remote Code Execution Vulnerability No No 8.5

Microsoft Dynamics vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-41127 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability No No 8.5

Microsoft Office vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44690 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 8.8
CVE-2022-44693 Microsoft SharePoint Server Remote Code Execution Vulnerability No No 8.8
CVE-2022-44694 Microsoft Office Visio Remote Code Execution Vulnerability No No 7.8
CVE-2022-44695 Microsoft Office Visio Remote Code Execution Vulnerability No No 7.8
CVE-2022-44696 Microsoft Office Visio Remote Code Execution Vulnerability No No 7.8
CVE-2022-44691 Microsoft Office OneNote Remote Code Execution Vulnerability No No 7.8
CVE-2022-44692 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-26804 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-26805 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-26806 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-47211 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-47212 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-47213 Microsoft Office Graphics Remote Code Execution Vulnerability No No 7.8
CVE-2022-44713 Microsoft Outlook for Mac Spoofing Vulnerability No No 7.5

Open Source Software Windows vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44689 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability No No 7.8

Windows vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44677 Windows Projected File System Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44683 Windows Kernel Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44680 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44671 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44687 Raw Image Extension Remote Code Execution Vulnerability No No 7.8
CVE-2022-44710 DirectX Graphics Kernel Elevation of Privilege Vulnerability No Yes 7.8
CVE-2022-44669 Windows Error Reporting Elevation of Privilege Vulnerability No No 7
CVE-2022-44682 Windows Hyper-V Denial of Service Vulnerability No No 6.8
CVE-2022-44707 Windows Kernel Denial of Service Vulnerability No No 6.5
CVE-2022-44679 Windows Graphics Component Information Disclosure Vulnerability No No 6.5
CVE-2022-44674 Windows Bluetooth Driver Information Disclosure Vulnerability No No 5.5
CVE-2022-44698 Windows SmartScreen Security Feature Bypass Vulnerability Yes No 5.4

Windows ESU vulnerabilities

CVE Title Exploited? Publicly disclosed? CVSSv3 base score
CVE-2022-44676 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability No No 8.1
CVE-2022-44670 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability No No 8.1
CVE-2022-44678 Windows Print Spooler Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44681 Windows Print Spooler Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44667 Windows Media Remote Code Execution Vulnerability No No 7.8
CVE-2022-44668 Windows Media Remote Code Execution Vulnerability No No 7.8
CVE-2022-41094 Windows Hyper-V Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44697 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8
CVE-2022-41121 Windows Graphics Component Elevation of Privilege Vulnerability No No 7.8
CVE-2022-41077 Windows Fax Compose Form Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44666 Windows Contacts Remote Code Execution Vulnerability No No 7.8
CVE-2022-44675 Windows Bluetooth Driver Elevation of Privilege Vulnerability No No 7.8
CVE-2022-44673 Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability No No 7
CVE-2022-41074 Windows Graphics Component Information Disclosure Vulnerability No No 5.5