Microsoft’s Patch Tuesday update has been released, and with it come fixes for six actively exploited zero-days and a total of 68 flaws.

Gareth.lindahl-wise , Chief Security Advisor
InfoSec Expert
November 9, 2022 6:47 pm

Six actively exploited zero days in one cycle is an unusually high number – 12 critical in all.
 
Whilst each is an important patch in its own right, it is interesting to step back and view them as a whole. Windows Mark of the Web (MoTW) vulnerabilities could lead to degradation or bypass of inbuilt Office ‘Protected View’, which could smooth the way for malicious code to be triggered. There is a remote code execution vulnerability in Windows scripting languages, and then we have privilege escalation vulnerabilities. Indications are that some of these could be chained together.
 
Initial compromise, remote code execution and privilege execution are all unlikely to be on a CISO’s Christmas list.
 
From a prevention perspective – identify, prioritise, and patch. You should also ensure that your Detection and Response capabilities are geared towards these specific CVEs and general tactics.

Last edited 22 days ago by gareth.lindahl-wise