Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
.NET Framework CVE-2022-41064 .NET Framework Information Disclosure Vulnerability
AMD CPU Branch CVE-2022-23824 AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions
Azure CVE-2022-39327 GitHub: CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI
Azure CVE-2022-41085 Azure CycleCloud Elevation of Privilege Vulnerability
Azure Real Time Operating System CVE-2022-41051 Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Linux Kernel CVE-2022-38014 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Microsoft Dynamics CVE-2022-41066 Microsoft Business Central Information Disclosure Vulnerability
Microsoft Exchange Server CVE-2022-41078 Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server CVE-2022-41080 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server CVE-2022-41079 Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server CVE-2022-41123 Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2022-41113 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2022-41052 Windows Graphics Component Remote Code Execution Vulnerability
Microsoft Office ADV220003 Microsoft Defense in Depth Update
Microsoft Office CVE-2022-41105 Microsoft Excel Information Disclosure Vulnerability
Microsoft Office CVE-2022-41107 Microsoft Office Graphics Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2022-41104 Microsoft Excel Security Feature Bypass Vulnerability
Microsoft Office Excel CVE-2022-41063 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2022-41106 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2022-41122 Microsoft SharePoint Server Spoofing Vulnerability
Microsoft Office SharePoint CVE-2022-41062 Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Office Word CVE-2022-41103 Microsoft Word Information Disclosure Vulnerability
Microsoft Office Word CVE-2022-41061 Microsoft Word Remote Code Execution Vulnerability
Microsoft Office Word CVE-2022-41060 Microsoft Word Information Disclosure Vulnerability
Network Policy Server (NPS) CVE-2022-41056 Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
Network Policy Server (NPS) CVE-2022-41097 Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
Open Source Software CVE-2022-3786 OpenSSL: CVE-2022-3786 X.509 certificate verification buffer overrun
Open Source Software CVE-2022-3602 OpenSSL: CVE-2022-3602 X.509 certificate verification buffer overrun
Role: Windows Hyper-V CVE-2022-38015 Windows Hyper-V Denial of Service Vulnerability
SysInternals CVE-2022-41120 Microsoft Windows Sysmon Elevation of Privilege Vulnerability
Visual Studio CVE-2022-39253 GitHub: CVE-2022-39253 Local clone optimization dereferences symbolic links by default
Visual Studio CVE-2022-41119 Visual Studio Remote Code Execution Vulnerability
Windows Advanced Local Procedure Call CVE-2022-41093 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Windows ALPC CVE-2022-41045 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Windows ALPC CVE-2022-41100 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Windows Bind Filter Driver CVE-2022-41114 Windows Bind Filter Driver Elevation of Privilege Vulnerability
Windows BitLocker CVE-2022-41099 BitLocker Security Feature Bypass Vulnerability
Windows CNG Key Isolation Service CVE-2022-41125 Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
Windows Devices Human Interface CVE-2022-41055 Windows Human Interface Device Information Disclosure Vulnerability
Windows Digital Media CVE-2022-41095 Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows DWM Core Library CVE-2022-41096 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Windows Extensible File Allocation CVE-2022-41050 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
Windows Group Policy Preference Client CVE-2022-37992 Windows Group Policy Elevation of Privilege Vulnerability
Windows Group Policy Preference Client CVE-2022-41086 Windows Group Policy Elevation of Privilege Vulnerability
Windows HTTP.sys CVE-2022-41057 Windows HTTP.sys Elevation of Privilege Vulnerability
Windows Kerberos CVE-2022-37967 Windows Kerberos Elevation of Privilege Vulnerability
Windows Kerberos CVE-2022-41053 Windows Kerberos Denial of Service Vulnerability
Windows Kerberos CVE-2022-37966 Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
Windows Mark of the Web (MOTW) CVE-2022-41049 Windows Mark of the Web Security Feature Bypass Vulnerability
Windows Mark of the Web (MOTW) CVE-2022-41091 Windows Mark of the Web Security Feature Bypass Vulnerability
Windows Netlogon CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability
Windows Network Address Translation (NAT) CVE-2022-41058 Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows ODBC Driver CVE-2022-41047 Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows ODBC Driver CVE-2022-41048 Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Overlay Filter CVE-2022-41101 Windows Overlay Filter Elevation of Privilege Vulnerability
Windows Overlay Filter CVE-2022-41102 Windows Overlay Filter Elevation of Privilege Vulnerability
Windows Point-to-Point Tunneling Protocol CVE-2022-41044 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Windows Point-to-Point Tunneling Protocol CVE-2022-41116 Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
Windows Point-to-Point Tunneling Protocol CVE-2022-41090 Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
Windows Point-to-Point Tunneling Protocol CVE-2022-41039 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Windows Point-to-Point Tunneling Protocol CVE-2022-41088 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Windows Print Spooler Components CVE-2022-41073 Windows Print Spooler Elevation of Privilege Vulnerability
Windows Resilient File System (ReFS) CVE-2022-41054 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Windows Scripting CVE-2022-41118 Windows Scripting Languages Remote Code Execution Vulnerability
Windows Scripting CVE-2022-41128 Windows Scripting Languages Remote Code Execution Vulnerability
Windows Win32K CVE-2022-41092 Windows Win32k Elevation of Privilege Vulnerability
Windows Win32K CVE-2022-41109 Windows Win32k Elevation of Privilege Vulnerability
Windows Win32K CVE-2022-41098 Windows GDI+ Information Disclosure Vulnerability

CVE-2022-23824 - AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-23824
MITRE
NVD
CVE Title: AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions
CVSS:
None
FAQ:

Why is this AMD CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability.

Please see the following for more information:


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-23824
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Important Information Disclosure 5018425 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Important Information Disclosure 5018425 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Important Information Disclosure 5018411 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Important Information Disclosure 5018411 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Important Information Disclosure 5018419
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Important Information Disclosure 5018419
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Important Information Disclosure 5018419
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Important Information Disclosure
5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Important Information Disclosure
5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Important Information Disclosure
5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Important Information Disclosure 5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Important Information Disclosure 5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Important Information Disclosure 5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Important Information Disclosure 5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Important Information Disclosure
5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Important Information Disclosure
5018410
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Important Information Disclosure Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Important Information Disclosure Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Important Information Disclosure Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Important Information Disclosure 5018418 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Important Information Disclosure 5018418 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Important Information Disclosure 5018427
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Important Information Disclosure 5018427
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 7 for 32-bit Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Information Disclosure 5018454
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 7 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Information Disclosure 5018454
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 8.1 for 32-bit systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Information Disclosure 5018474
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows 8.1 for x64-based systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Information Disclosure 5018474
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows RT 8.1 5020010 (Security Only) Important Information Disclosure Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Information Disclosure 5018450
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Information Disclosure 5018450
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Information Disclosure 5018450
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Information Disclosure 5018450
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Information Disclosure 5018454
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Information Disclosure 5018454
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Information Disclosure 5018457
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Information Disclosure 5018457
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Information Disclosure 5018474
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Information Disclosure 5018474
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2016 5019964 (Security Update) Important Information Disclosure 5018411 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Information Disclosure 5018411 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2019 5019966 (Security Update) Important Information Disclosure 5018419
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Information Disclosure 5018419
Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2022 5019081 (Security Update) Important Information Disclosure 5018421 Base: N/A
Temporal: N/A
Vector: N/A
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Information Disclosure 5018421 Base: N/A
Temporal: N/A
Vector: N/A
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-23824 None

CVE-2022-38014 - Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-38014
MITRE
NVD
CVE Title: Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-38014
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure EFLOW Release Notes (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Windows Subsystem for Linux (WSL2) Release Notes (Security Update) Important Elevation of Privilege None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-38014 Microsoft Offensive Research & Security Engineering (MORSE)


CVE-2022-37966 - Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-37966
MITRE
NVD
CVE Title: Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 8.1/7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.


Upon successful exploitation, what privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


How could an attacker exploit this vulnerability?

An unauthenticated attacker could conduct an attack that could leverage cryptographic protocol vulnerabilities in RFC 4757 (Kerberos encryption type RC4-HMAC-MD5) and MS-PAC (Privilege Attribute Certificate Data Structure specification) to bypass security features in a Windows AD environment.


Where can I find more information about these changes?

For more information please see How to manage the Kerberos Protocol changes related to CVE-2022-37966.


I am running Windows Server 2022 Datacenter: Azure Edition (Server Core) but the hotpatch (Windows Server 2022 Datacenter: Azure Edition (Hotpatch)) for it is not listed in the Security Updates table. Is there an update that I can apply for this edition of Windows Server 2022?*

The update to address this vulnerability for Windows Server 2022 Datacenter: Azure Edition (Server Core) is not hotpatchable and is therefore not included in the November Hotpatch KB (5019080). Customers running Windows Server 2022 Datacenter: Azure Edition (Server Core) as a domain controller should install the update for Windows Server 2022 (5019081). This update will require a computer restart.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-37966
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Elevation of Privilege 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Elevation of Privilege 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Critical Elevation of Privilege 5018457
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Critical Elevation of Privilege 5018457
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Elevation of Privilege 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Elevation of Privilege 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Critical Elevation of Privilege 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Critical Elevation of Privilege 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Critical Elevation of Privilege 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Critical Elevation of Privilege 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Critical Elevation of Privilege 5018421 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Critical Elevation of Privilege 5018421 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-37966 Tom Tervoort with Secura


CVE-2022-41085 - Azure CycleCloud Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41085
MITRE
NVD
CVE Title: Azure CycleCloud Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.5/6.5
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Upon successful exploitation, what privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to brute force authentication and obtain a successful login.


What versions are impacted by this vulnerability?

All versions are impacted and should be updated based on the documentation provided in the CVE.


According to the CVSS metric, the attack vector as local (AV:A). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires that an attacker will need to first gain access to the restricted network before running an attack.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41085
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure CycleCloud 7 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Azure CycleCloud 8 Release Notes (Security Update) Important Elevation of Privilege None Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41085 Yiming Xiang with NSFOCUS TIANJI LAB


CVE-2022-41100 - Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41100
MITRE
NVD
CVE Title: Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


What privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41100
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5020010 (Security Only) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 Datacenter: Azure Edition (Hotpatch) 5019080 (Security Hotpatch Update) Important Elevation of Privilege 5016060 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41100 Jarvis_1oop of vulnerability research institute


CVE-2022-41058 - Windows Network Address Translation (NAT) Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41058
MITRE
NVD
CVE Title: Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVSS:

CVSS:3.1 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41058
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Important Denial of Service 5018425 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Important Denial of Service 5018425 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Important Denial of Service 5018411 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Important Denial of Service 5018411 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Important Denial of Service 5018419
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Important Denial of Service 5018419
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Important Denial of Service 5018419
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Important Denial of Service
5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Important Denial of Service
5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Important Denial of Service
5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Important Denial of Service 5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Important Denial of Service 5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Important Denial of Service 5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Important Denial of Service 5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Important Denial of Service
5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Important Denial of Service
5018410
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Important Denial of Service Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Important Denial of Service Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Important Denial of Service Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Important Denial of Service 5018418 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Important Denial of Service 5018418 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Important Denial of Service 5018427
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Important Denial of Service 5018427
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Denial of Service 5018454
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Denial of Service 5018454
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Denial of Service 5018474
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Denial of Service 5018474
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5020010 (Security Only) Important Denial of Service Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Denial of Service 5018450
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Denial of Service 5018450
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Denial of Service 5018450
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Denial of Service 5018450
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Denial of Service 5018454
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Denial of Service 5018454
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Denial of Service 5018457
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Denial of Service 5018457
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Denial of Service 5018474
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Denial of Service 5018474
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Important Denial of Service 5018411 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Denial of Service 5018411 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Important Denial of Service 5018419
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Denial of Service 5018419
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Important Denial of Service 5018421 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Denial of Service 5018421 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 Datacenter: Azure Edition (Hotpatch) 5019080 (Security Hotpatch Update) Important Denial of Service 5016060 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41058 Huichen Lin and Dong Seong Kim with School of Information Technology and Electrical Engineering - The University of Queensland


CVE-2022-41101 - Windows Overlay Filter Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41101
MITRE
NVD
CVE Title: Windows Overlay Filter Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41101
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 Datacenter: Azure Edition (Hotpatch) 5019080 (Security Hotpatch Update) Important Elevation of Privilege 5016060 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41101 k0shl with Kunlun Lab


CVE-2022-41102 - Windows Overlay Filter Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41102
MITRE
NVD
CVE Title: Windows Overlay Filter Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41102
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 Datacenter: Azure Edition (Hotpatch) 5019080 (Security Hotpatch Update) Important Elevation of Privilege 5016060 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41102 k0shl with Kunlun Lab


CVE-2022-41064 - .NET Framework Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41064
MITRE
NVD
CVE Title: .NET Framework Information Disclosure Vulnerability
CVSS:

CVSS:3.1 5.8/5.1
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

If I am using System.Data.SqlClient or Microsoft.Data.SqlClient, what do I need to do to be protected from this vulnerability?

Customers using either the System.Data.SqlClient or Microsoft.Data.SqlClient NuGet Packages need to do the following to be protected:

  • If you are using System.Data.SqlClient on .NET Framework you must install the November update for .NET Framework
  • If you are using System.Data.SqlClient on .NET Core, .NET 5 or .NET 6 you must update the nuget package to an updated version as listed in the affected packages.
  • If you are using Microsoft.Data.SqlClient, anywhere (.NET Core, .NET 5/6, .NET Framework) and you are using a version that is vulnerable you must update as listed in the affected packages.

Please see Microsoft Security Advisory CVE 2022-41064 | .NET Information Disclosure Vulnerability for more information.


According to the CVSS score, the Attack Vector is Adjacent (AV:A). What does this mean for this vulnerability?

Exploiting this vulnerability requires an attacker to be within the SQL Connection Pool.


According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to exhaust all the threads in the thread pool.


According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

In this case, a successful attack could cause the attacker access queries from other users in the SQL Connection Pool.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41064
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft .NET Framework 4.6.2 on Windows 10 for 32-bit Systems 5019970 (Security Update) Important Information Disclosure 5018425 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Microsoft .NET Framework 4.6.2 on Windows 10 for x64-based Systems 5019970 (Security Update) Important Information Disclosure 5018425 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 5020691 (Monthly Rollup)
5020681 (Security Only)
Important Information Disclosure 5018550, 5013873
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020691 (Monthly Rollup)
5020681 (Security Only)
Important Information Disclosure 5018550, 5013873
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2 on Windows Server 2008 for x64-based Systems Service Pack 2 5020691 (Monthly Rollup)
5020681 (Security Only)
Important Information Disclosure 5018550, 5013873
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for 32-bit Systems Service Pack 1 5020688 (Monthly Rollup)
5020678 (Security Only)
Important Information Disclosure 5013870, 5018547
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 7 for x64-based Systems Service Pack 1 5020688 (Monthly Rollup)
5020678 (Security Only)
Important Information Disclosure 5013870, 5018547
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for 32-bit systems 5020690 (Monthly Rollup)
5020680 (Security Only)
Important Information Disclosure 5016568, 5018549
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows 8.1 for x64-based systems 5020690 (Monthly Rollup)
5020680 (Security Only)
Important Information Disclosure 5016568, 5018549
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows RT 8.1 5020690 (Monthly Rollup)
5020680 (Security Only)
Important Information Disclosure 5016568, 5018549
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020688 (Monthly Rollup)
5020678 (Security Only)
Important Information Disclosure 5013870, 5018547
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020688 (Monthly Rollup)
5020678 (Security Only)
Important Information Disclosure 5013870, 5018547
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 5020689 (Monthly Rollup)
5020679 (Security Only)
Important Information Disclosure 5013871, 5018548
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 (Server Core installation) 5020689 (Monthly Rollup)
5020679 (Security Only)
Important Information Disclosure 5013871, 5018548
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 5020679 (Security Only)
5020690 (Monthly Rollup)
Important Information Disclosure
5016568, 5018549
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 on Windows Server 2012 R2 (Server Core installation) 5020679 (Security Only)
5020690 (Monthly Rollup)
Important Information Disclosure
5016568, 5018549
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for 32-bit Systems 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for ARM64-based Systems 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.7.2 on Windows 10 Version 1809 for x64-based Systems 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2019 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.7.2 on Windows Server 2019 (Server Core installation) 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for 32-bit Systems 5020614 (Security Update) Important Information Disclosure 5013625, 5018515 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1607 for x64-based Systems 5020614 (Security Update) Important Information Disclosure 5013625, 5018515 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1809 for 32-bit Systems 5020685 (Monthly Rollup) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1809 for ARM64-based Systems 5020685 (Security Update) Important Information Disclosure 5013868, 5018542 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 1809 for x64-based Systems 5020685 (Monthly Rollup) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 20H2 for 32-bit Systems 5020686 (Security Update) Important Information Disclosure 5017498, 5018856, 5018543 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 20H2 for ARM64-based Systems 5020686 (Security Update) Important Information Disclosure 5017498, 5018856, 5018543 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 20H2 for x64-based Systems 5020686 (Security Update) Important Information Disclosure 5017498, 5018856, 5018543 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 21H1 for 32-bit Systems 5020801 (Security Update) Important Information Disclosure 5017499, 5018857, 5018544 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 21H1 for ARM64-based Systems 5020801 (Security Update) Important Information Disclosure 5017499, 5018857, 5018544 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 21H1 for x64-based Systems 5020801 (Security Update) Important Information Disclosure 5017499, 5018857, 5018544 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 21H2 for 32-bit Systems 5020687 (Security Update) Important Information Disclosure 5017500, 5018858, 5018545 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 21H2 for ARM64-based Systems 5020687 (Security Update) Important Information Disclosure 5017500, 5018858, 5018545 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 21H2 for x64-based Systems 5020687 (Security Update) Important Information Disclosure 5017500, 5018858, 5018545 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 22H2 for 32-bit Systems 5020694 (Security Update) Important Information Disclosure 5017651, 5018202 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 22H2 for ARM64-based Systems 5020694 (Security Update) Important Information Disclosure 5017651, 5018202 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 10 Version 22H2 for x64-based Systems 5020694 (Security Update) Important Information Disclosure 5017651, 5018202 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 11 for ARM64-based Systems 5020695 (Security Update) Important Information Disclosure 5017497, 5018859, 5018546 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 11 for x64-based Systems 5020695 (Security Update) Important Information Disclosure 5017497, 5018859, 5018546 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 7 for 32-bit Systems Service Pack 1 5020688 (Monthly Rollup) Important Information Disclosure 5013870, 5018547 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 7 for x64-based Systems Service Pack 1 5020688 (Monthly Rollup)
5020678 (Security Only)
Important Information Disclosure 5013870, 5018547
Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 8.1 for 32-bit systems 5020690 (Monthly Rollup) Important Information Disclosure 5016568, 5018549 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows 8.1 for x64-based systems 5020690 (Monthly Rollup) Important Information Disclosure 5016568, 5018549 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows RT 8.1 5020690 (Monthly Rollup) Important Information Disclosure 5016568, 5018549 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020688 (Monthly Rollup) Important Information Disclosure 5013870, 5018547 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020688 (Monthly Rollup) Important Information Disclosure 5013870, 5018547 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 5020689 (Monthly Rollup) Important Information Disclosure 5013871, 5018548 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 (Server Core installation) 5020689 (Monthly Rollup) Important Information Disclosure 5013871, 5018548 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 5020690 (Monthly Rollup) Important Information Disclosure 5016568, 5018549 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2012 R2 (Server Core installation) 5020690 (Monthly Rollup) Important Information Disclosure 5016568, 5018549 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2016 5020614 (Security Update) Important Information Disclosure 5013625, 5018515 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2016 (Server Core installation) 5020614 (Security Update) Important Information Disclosure 5013625, 5018515 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2019 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8 on Windows Server 2019 (Server Core installation) 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 1809 for 32-bit Systems 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 1809 for ARM64-based Systems 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 1809 for x64-based Systems 5020685 (Security Update) Important Information Disclosure 5013868, 50185 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 20H2 for 32-bit Systems 5020686 (Security Update) Important Information Disclosure 5017498, 5018856, 5018543 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 20H2 for ARM64-based Systems 5020686 (Security Update) Important Information Disclosure 5017498, 5018856, 5018543 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 20H2 for x64-based Systems 5020686 (Security Update) Important Information Disclosure 5017498, 5018856, 5018543 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 21H1 for 32-bit Systems 5020801 (Security Update) Important Information Disclosure 5017499, 5018857, 5018544 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 21H1 for ARM64-based Systems 5020801 (Security Update) Important Information Disclosure 5017499, 5018857, 5018544 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 21H1 for x64-based Systems 5020801 (Security Update) Important Information Disclosure 5017499, 5018857, 5018544 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 21H2 for 32-bit Systems 5020687 (Security Update) Important Information Disclosure 5017500, 5018858, 5018545 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems 5020687 (Security Update) Important Information Disclosure 5017500, 5018858, 5018545 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 21H2 for x64-based Systems 5020687 (Security Update) Important Information Disclosure 5017500, 5018858, 5018545 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 22H2 for 32-bit Systems 5020694 (Security Update) Important Information Disclosure 5017651, 5018202 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 22H2 for ARM64-based Systems 5020694 (Security Update) Important Information Disclosure 5017651, 5018202 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 10 Version 22H2 for x64-based Systems 5020694 (Security Update) Important Information Disclosure 5017651, 5018202 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 11 for ARM64-based Systems 5020695 (Security Update) Important Information Disclosure 5017497, 5018859, 5018546 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 11 for x64-based Systems 5020695 (Security Update) Important Information Disclosure 5017497, 5018859, 5018546 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 11 Version 22H2 for ARM64-based Systems 5020622 (Security Update) Important Information Disclosure 5017271, 5018341 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft .NET Framework 4.8.1 on Windows 11 Version 22H2 for x64-based Systems 5020622 (Security Update) Important Information Disclosure 5017271, 5018341 Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Nuget 2.1.2 Release Notes (Security Update) Important Information Disclosure None Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Nuget 4.8.5 Release Notes (Security Update) Important Information Disclosure None Base: 5.8
Temporal: 5.1
Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41064

CVE-2022-39327 - GitHub: CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-39327
MITRE
NVD
CVE Title: GitHub: CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI
CVSS:
None
FAQ:

Why is this GitHub CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Azure cli, which is published on GitHub and for which GitHub is the CVE Naming Authority (CNA). It is being documented in the Security Update Guide to inform customers using the azure-cli that they need to apply the updated version. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-39327
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure CLI Improper Control of Generation of Code ('Code Injection') in Azure CLI (Security Update) Critical Remote Code Execution 2.41.0 Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-39327 None

CVE-2022-41120 - Microsoft Windows Sysmon Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41120
MITRE
NVD
CVE Title: Microsoft Windows Sysmon Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Upon successful exploitation, what privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


How could an attacker exploit this vulnerability?

A locally authenticated attacker could manipulate information on the Sysinternals services to achieve elevation from local user to SYSTEM admin.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41120
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Sysmon Release Notes (Security Update) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41120 Filip Dragovic with Infigo IS


CVE-2022-41122 - Microsoft SharePoint Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41122
MITRE
NVD
CVE Title: Microsoft SharePoint Server Spoofing Vulnerability
CVSS:

CVSS:3.1 6.5/5.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.


According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?

The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published. This CVE was addressed by updates that were released in September 2022, but the CVE was omitted from the September 2022 Security Updates. This is an informational change only. Customers who have already installed the September 2022 update do not need to take any further action.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41122
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 5002264 (Cumulative Update)
5002267 (Security Update)
Important Spoofing
5002219
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 5002269 (Security Update) Important Spoofing 5002222
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 5002267 (Security Update) Important Spoofing 5002219
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 5002258 (Security Update) Important Spoofing 5002212
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Server Subscription Edition 5002271 (Security Update) Important Spoofing Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41122 Li Jian Tao (@CurseRed) with STAR Labs




CVE-2022-41078 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41078
MITRE
NVD
CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.1 8.0/7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41078
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 5019758 (Security Update) Important Spoofing 5019076 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 22 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 23 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 11 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 12 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41078 Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative


CVE-2022-41123 - Microsoft Exchange Server Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41123
MITRE
NVD
CVE Title: Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41123
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2016 Cumulative Update 22 5019758 (Security Update) Important Elevation of Privilege 5019077 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 23 5019758 (Security Update) Important Elevation of Privilege 5019077 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 11 5019758 (Security Update) Important Elevation of Privilege 5019077 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 12 5019758 (Security Update) Important Elevation of Privilege 5019077 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41123 Piotr Bazydlo (@chudypb) working with Trend Micro Zero Day Initiative


CVE-2022-41079 - Microsoft Exchange Server Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41079
MITRE
NVD
CVE Title: Microsoft Exchange Server Spoofing Vulnerability
CVSS:

CVSS:3.1 8.0/7.0
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41079
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 5019758 (Security Update) Important Spoofing 5019076 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 22 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 23 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 11 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 12 5019758 (Security Update) Important Spoofing 5019077 Base: 8.0
Temporal: 7.0
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41079 Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative


CVE-2022-41080 - Microsoft Exchange Server Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41080
MITRE
NVD
CVE Title: Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41080
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 5019758 (Security Update) Critical Elevation of Privilege 5019076 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 22 5019758 (Security Update) Critical Elevation of Privilege 5019077 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 23 5019758 (Security Update) Critical Elevation of Privilege 5019077 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 11 5019758 (Security Update) Critical Elevation of Privilege 5019077 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 12 5019758 (Security Update) Critical Elevation of Privilege 5019077 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41080 rskvp93 with VcsLab of Viettel Cyber Security


CVE-2022-3602 - OpenSSL: CVE-2022-3602 X.509 certificate verification buffer overrun

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3602
MITRE
NVD
CVE Title: OpenSSL: CVE-2022-3602 X.509 certificate verification buffer overrun
CVSS:
None
FAQ:

Why is this OpenSSL Software Foundation CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in OpenSSL Software which is consumed by the Microsoft products listed in the Security Updates table and are known to be affected. It is being documented in the Security Update Guide to announce that the latest builds of these products are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.


Where can I find further guidance for this OpenSSL vulnerability?

For more information and guidance see Awareness and guidance related to OpenSSL 3.0 - 3.0.6 risk (CVE-2022-3786 and CVE-2202-3602).


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-02T07:00:00    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
N/A No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3602
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure SDK for C++ Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
Microsoft Azure Kubernetes Service Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Maybe
vcpkg Release Notes (Security Update) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3602



CVE-2022-41128 - Windows Scripting Languages Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41128
MITRE
NVD
CVE Title: Windows Scripting Languages Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 8.8/8.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.


The CVE title says Windows Scripting Languages, what does that mean for this vulnerability?

This vulnerability impacts the JScript9 scripting language.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41128
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Critical Remote Code Execution 5018425 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Critical Remote Code Execution 5018425 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Critical Remote Code Execution 5018411 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Critical Remote Code Execution 5018411 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Critical Remote Code Execution 5018418 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Critical Remote Code Execution 5018418 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Critical Remote Code Execution 5018427
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Critical Remote Code Execution 5018427
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
5019958 (IE Cumulative)
Critical Remote Code Execution 5018454
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
5019958 (IE Cumulative)
Critical Remote Code Execution 5018454
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5020023 (Monthly Rollup)
5020010 (Security Only)
5019958 (IE Cumulative)
Critical Remote Code Execution 5018474
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5020023 (Monthly Rollup)
5020010 (Security Only)
5019958 (IE Cumulative)
Critical Remote Code Execution 5018474
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows RT 8.1 5020023 (Monthly Rollup) Critical Remote Code Execution
5018474
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
5019958 (IE Cumulative)
Critical Remote Code Execution 5018454
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
5019958 (IE Cumulative)
Critical Remote Code Execution 5018457
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup) Critical Remote Code Execution 5018474
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Critical Remote Code Execution 5018411 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Critical Remote Code Execution 5018421 Base: 8.8
Temporal: 8.2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41128 Clément Lecigne of Google’s Threat Analysis Group


CVE-2022-38015 - Windows Hyper-V Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-38015
MITRE
NVD
CVE Title: Windows Hyper-V Denial of Service Vulnerability
CVSS:

CVSS:3.1 6.5/5.7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?

Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-38015
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for x64-based Systems 5019970 (Security Update) Critical Denial of Service 5018425 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Critical Denial of Service 5018411 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Critical Denial of Service 5018419
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Critical Denial of Service
5018410
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Critical Denial of Service 5018410
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Critical Denial of Service
5018410
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Critical Denial of Service Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Critical Denial of Service 5018418 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Critical Denial of Service 5018427
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Critical Denial of Service 5018411 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Critical Denial of Service 5018411 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Critical Denial of Service 5018419
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Critical Denial of Service 5018419
Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Critical Denial of Service 5018421 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Critical Denial of Service 5018421 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 Datacenter: Azure Edition (Hotpatch) 5019080 (Security Hotpatch Update) Critical Denial of Service 5016060 Base: 6.5
Temporal: 5.7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-38015 Eran Segal with Safebreach


CVE-2022-37967 - Windows Kerberos Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-37967
MITRE
NVD
CVE Title: Windows Kerberos Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.2/6.3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Upon successful exploitation, what privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


How could an attacker exploit this vulnerability?

An authenticated attacker could leverage cryptographic protocol vulnerabilities in Windows Kerberos. If the attacker gains control on the service that is allowed for delegation, they can modify the Kerberos PAC to elevate their privileges.


Where can I find more information about these changes?

For more information please see How to manage the Kerberos and Netlogon Protocol changes related to CVE-2022-37967.


Do I need to take further steps to be protected from this vulnerability?

Yes. Please review the KB article How to manage the Kerberos and Netlogon Protocol changes related to CVE-2022-37967. This recommends that you:

  1. Use audit mode to review logs.
  2. Review third-party servers and clients.

If I install the updates and take no further action, what will be the impact?

Intially you will not be secure. There are additional actions an administrator needs to take that are outlined in the KB article.

Why do I need to follow the guidelines in how to manage the changes in Kerberos associated with CVE-2022-37967?

There is a risk of exploitation of the noted vulnerability if you don't take the required actions.

How does Microsoft plan to address this vulnerability?

To give administrators time to make corrections that prevent authentication failures, and to provide a choice on when to implement the enforcement, Microsoft is addressing this vulnerability in a phased rollout.

What is the timeline for this rollout?

Please refer to the planned enforcement timeline in the KB article.

How can I be notified when the further updates are available?

When each phase of Windows updates become available, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this CVE. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.


I am running Windows Server 2022 Datacenter: Azure Edition (Server Core) but the hotpatch (Windows Server 2022 Datacenter: Azure Edition (Hotpatch)) for it is not listed in the Security Updates table. Is there an update that I can apply for this edition of Windows Server 2022?*

The update to address this vulnerability for Windows Server 2022 Datacenter: Azure Edition (Server Core) is not hotpatchable and is therefore not included in the November Hotpatch KB (5019080). Customers running Windows Server 2022 Datacenter: Azure Edition (Server Core) as a domain controller should install the update for Windows Server 2022 (5019081). This update will require a computer restart.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-37967
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Critical Elevation of Privilege 5018450
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Elevation of Privilege 5018454
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Elevation of Privilege 5018454
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Critical Elevation of Privilege 5018457
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Critical Elevation of Privilege 5018457
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Elevation of Privilege 5018474
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Elevation of Privilege 5018474
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Critical Elevation of Privilege 5018411 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Critical Elevation of Privilege 5018411 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Critical Elevation of Privilege 5018419
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Critical Elevation of Privilege 5018419
Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Critical Elevation of Privilege 5018421 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Critical Elevation of Privilege 5018421 Base: 7.2
Temporal: 6.3
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-37967 None

CVE-2022-38023 - Netlogon RPC Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-38023
MITRE
NVD
CVE Title: Netlogon RPC Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 8.1/7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.


Upon successful exploitation, what privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain administrator privileges.


Where can I find more information about these changes?

For more information please see How to manage Netlogon Protocol changes related to CVE-2022-38023.


I am running Windows Server 2022 Datacenter: Azure Edition (Server Core) but the hotpatch (Windows Server 2022 Datacenter: Azure Edition (Hotpatch)) for it is not listed in the Security Updates table. Is there an update that I can apply for this edition of Windows Server 2022?*

The update to address this vulnerability for Windows Server 2022 Datacenter: Azure Edition (Server Core) is not hotpatchable and is therefore not included in the November Hotpatch KB (5019080). Customers running Windows Server 2022 Datacenter: Azure Edition (Server Core) as a domain controller should install the update for Windows Server 2022 (5019081). This update will require a computer restart.


How could an attacker exploit this vulnerability?

An authenticated attacker could leverage cryptographic protocol vulnerabilities in the Windows Netlogon protocol when RPC Signing is used instead of RPC Sealing. Where RPC Signing is used instead of RPC Sealing the attacker could gain control of the service and then might be able to modify Netlogon protocol traffic to elevate their privileges.


How does Microsoft plan to address this vulnerability?

To give administrators time to make corrections that prevent authentication failures, and to provide a choice on when to implement the enforcement, Microsoft is addressing this vulnerability in a phased rollout.

What is the timeline for this rollout?

Please refer to the planned enforcement timeline in the KB article: How to manage Netlogon Protocol changes related to CVE-2022-38023.

How can I be notified when the further updates are available?

When each phase of Windows updates become available, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this CVE. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now – Microsoft Security Response Center.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-38023
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Elevation of Privilege 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Elevation of Privilege 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Elevation of Privilege 5018457
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Elevation of Privilege 5018457
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-38023 None

CVE-2022-37992 - Windows Group Policy Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-37992
MITRE
NVD
CVE Title: Windows Group Policy Elevation of Privilege Vulnerability
CVSS:

CVSS:3.1 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges could an attacker gain?

An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-37992
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Important Elevation of Privilege 5018425 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege 5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege
5018410
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Important Elevation of Privilege 5018418 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Important Elevation of Privilege 5018427
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Elevation of Privilege 5018454
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Elevation of Privilege 5018454
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5020010 (Security Only) Important Elevation of Privilege Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5020019 (Monthly Rollup)
5020005 (Security Only)
Important Elevation of Privilege 5018450
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Elevation of Privilege 5018454
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Important Elevation of Privilege 5018454
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Elevation of Privilege 5018457
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Important Elevation of Privilege 5018457
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Important Elevation of Privilege 5018474
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5019964 (Security Update) Important Elevation of Privilege 5018411 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5019966 (Security Update) Important Elevation of Privilege 5018419
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 (Server Core installation) 5019081 (Security Update) Important Elevation of Privilege 5018421 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2022 Datacenter: Azure Edition (Hotpatch) 5019080 (Security Hotpatch Update) Important Elevation of Privilege 5016060 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2022-37992 somaro


CVE-2022-41039 - Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41039
MITRE
NVD
CVE Title: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVSS:

CVSS:3.1 8.1/7.1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?

Successful exploitation of this vulnerability requires an attacker to win a race condition.


How could an attacker exploit this vulnerability?

An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2022-11-08T08:00:00    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41039
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5019970 (Security Update) Critical Remote Code Execution 5018425 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5019970 (Security Update) Critical Remote Code Execution 5018425 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5019964 (Security Update) Critical Remote Code Execution 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5019964 (Security Update) Critical Remote Code Execution 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5019966 (Security Update) Critical Remote Code Execution 5018419
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H1 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution 5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 21H2 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution
5018410
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for 32-bit Systems 5019959 (Security Update) Critical Remote Code Execution Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for ARM64-based Systems 5019959 (Security Update) Critical Remote Code Execution Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 22H2 for x64-based Systems 5019959 (Security Update) Critical Remote Code Execution Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for ARM64-based Systems 5019961 (Security Update) Critical Remote Code Execution 5018418 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 for x64-based Systems 5019961 (Security Update) Critical Remote Code Execution 5018418 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for ARM64-based Systems 5019980 (Security Update) Critical Remote Code Execution 5018427
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 11 Version 22H2 for x64-based Systems 5019980 (Security Update) Critical Remote Code Execution 5018427
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Remote Code Execution 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Remote Code Execution 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Remote Code Execution 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Remote Code Execution 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5020010 (Security Only) Critical Remote Code Execution Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Remote Code Execution 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5020000 (Monthly Rollup)
5020013 (Security Only)
Critical Remote Code Execution 5018454
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5020009 (Monthly Rollup)
5020003 (Security Only)
Critical Remote Code Execution 5018457
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5020009 (Monthly Rollup)
5020003 (Security Only)
Critical Remote Code Execution 5018457
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Remote Code Execution 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5020023 (Monthly Rollup)
5020010 (Security Only)
Critical Remote Code Execution 5018474
Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5019964 (Security Update) Critical Remote Code Execution 5018411 Base: 8.1
Temporal: 7.1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation)