Security News

Microsoft Security Bulletin Coverage for October 2022

By

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of October 2022. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2022-37970 Windows DWM Core Library Elevation of Privilege Vulnerability
ASPY 369: Malformed-File exe.MP_275

CVE-2022-37974 Windows Mixed Reality Developer Tools Information Disclosure Vulnerability
ASPY 370: Malformed-File exe.MP_276

CVE-2022-37987 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
ASPY 371: Malformed-File exe.MP_277

CVE-2022-37989 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
ASPY 377: Malformed-File exe.MP_280

CVE-2022-38050 Win32k Elevation of Privilege Vulnerability
ASPY 372: Malformed-File exe.MP_278

CVE-2022-38051 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 373: Malformed-File exe.MP_279

CVE-2022-38053 Microsoft SharePoint Server Remote Code Execution Vulnerability
IPS 15500: Microsoft SharePoint Remote Code Execution (CVE-2022-38053)

Adobe Coverage:
CVE-2022-28851 Acrobat Reader Out-of-bounds Read
ASPY 376: Malformed-File pdf.MP_560

CVE-2022-38449 Acrobat Reader Out-of-bounds Read
ASPY 375: Malformed-File pdf.MP_559

The following vulnerabilities do not have exploits in the wild :
CVE-2022-22035 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-24504 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-30198 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-33634 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-33635 Windows GDI+ Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-33645 Windows TCP/IP Driver Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-34689 Windows CryptoAPI Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-35770 Windows NTLM Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-35829 Service Fabric Explorer Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-37965 Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-37968 Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37971 Microsoft Windows Defender Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37973 Windows Local Session Manager (LSM) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-37975 Windows Group Policy Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37976 Active Directory Certificate Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37977 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-37978 Windows Active Directory Certificate Services Security Feature Bypass
There are no known exploits in the wild.
CVE-2022-37979 Windows Hyper-V Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37980 Windows DHCP Client Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37981 Windows Event Logging Service Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-37982 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-37983 Microsoft DWM Core Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37984 Windows WLAN Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37985 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-37986 Windows Win32k Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37988 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37990 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37991 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37993 Windows Group Policy Preference Client Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37994 Windows Group Policy Preference Client Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37995 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37996 Windows Kernel Memory Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-37997 Windows Graphics Component Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-37998 Windows Local Session Manager (LSM) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-37999 Windows Group Policy Preference Client Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38000 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-38001 Microsoft Office Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2022-38003 Windows Resilient File System Elevation of Privilege
There are no known exploits in the wild.
CVE-2022-38016 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38017 StorSimple 8000 Series Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38021 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38022 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38025 Windows Distributed File System (DFS) Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-38026 Windows DHCP Client Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-38027 Windows Storage Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38028 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38029 Windows ALPC Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38030 Windows USB Serial Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-38031 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-38032 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-38033 Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-38034 Windows Workstation Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38036 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-38037 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38038 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38039 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38040 Microsoft ODBC Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-38041 Windows Secure Channel Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-38042 Active Directory Domain Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38043 Windows Security Support Provider Interface Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-38044 Windows CD-ROM File System Driver Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-38045 Server Service Remote Protocol Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-38046 Web Account Manager Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-38047 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-38048 Microsoft Office Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-38049 Microsoft Office Graphics Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-41031 Microsoft Word Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-41032 NuGet Client Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-41033 Windows COM+ Event System Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-41034 Visual Studio Code Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-41036 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-41037 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-41038 Microsoft SharePoint Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-41042 Visual Studio Code Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-41043 Microsoft Office Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-41081 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
Cisco Prime Network Analysis Module Directory Traversal Vulnerability
Windows DNS Server Remote Code Execution Vulnerability CVE-2020-1350
Zoho ManageEngine Arbitrary File Upload Vulnerability
Legitimate software website was seen distributing malware (Jul 22, 2016)
Cybersecurity News & Trends - 10-02-20
MS IIS WebDAV Information Disclosure (May 28, 2009)
WebLogic Console Help Interface XSS (July 23, 2009)
DressCode Android malware equipped to infiltrate corporate networks (October 21, 2016)