Patch Tuesday, Expert Reaction

By   ISBuzz Team
Writer , Information Security Buzz | Nov 09, 2022 10:46 am PST

Microsoft’s Patch Tuesday update has been released and with it comes fixes for six actively exploited Zero Days, and a total of 68 flaws.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Gareth Lindahl-wise
Gareth Lindahl-wise , Chief Security Advisor
November 9, 2022 6:47 pm

Six actively exploited zero days in one cycle is an unusually high number – 12 critical in all.
Whilst each are important patches in their own right, it is interesting to step back and view them as a whole. Windows Mark of the Web (MoTW) vulnerabilities could lead to degradation or bypass of inbuilt Office ‘Protected View’, which could smooth the way for malicious code to be triggered. There is a remote code execution vulnerability in Windows scripting languages, and then we have privileged escalation vulnerabilities. Indications are that some of these could be chained together.
Initial compromise, remote code execution and privilege execution are all unlikely to be on a CISOs Christmas list.
From a prevention perspective – identify, prioritise, and patch. You should also ensure that your Detection and Response capabilities are geared towards these specific CVEs and general tactics.

Last edited 1 year ago by gareth.lindahl-wise

Recent Posts

Would love your thoughts, please comment.x