Advertisement Banner
  • Home
  • News
  • Cyber News
  • Contact
No Result
View All Result
  • Home
  • News
  • Cyber News
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Cyber News

December 2022 Patch Tuesday fixed 2 zero-day flawsSecurity Affairs

admin by admin
December 14, 2022
in Cyber News


Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products.

Microsoft December 2022 Patch Tuesday security updates addressed 52 vulnerabilities in Microsoft Windows and Windows Components; Azure; Office and Office Components; SysInternals; Microsoft Edge (Chromium-based); SharePoint Server; and the .NET framework. 12 of these vulnerabilities were submitted through the ZDI program.

Six vulnerabilities are rated Critical, 43 Important, and three are Moderate in severity. Microsoft December 2022 Patch Tuesday security updates fixed two zero-day vulnerabilities; one of the new issues addressed this month is listed as publicly known at the time of release, and one is actively exploited.

The actively exploited zero-day is a Windows SmartScreen security feature bypass vulnerability tracked as CVE-2022-44698.

“An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.” reads the advisory published by the IT giant.

Another interesting flaw addressed by Microsoft is a DirectX Graphics Kernel elevation of privilege vulnerability tracked as CVE-2022-44710.

“An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” reads the advisory. “Successful exploitation of this vulnerability requires an attacker to win a race condition.”

The full list of CVEs released by Microsoft for December 2022 is available here.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, December 2022 Patch Tuesday)




Share On






Source link

Previous Post

Deepika Padukone’s costumes in ‘Besharam Rang’ sparks row, MP minister raises objection –

Next Post

Meta takes down surveillance-for-hire firms, calls for government action against the industry

Next Post

Meta takes down surveillance-for-hire firms, calls for government action against the industry

Recommended

Prices Rose and Protests Convulsed South Asia in 2022 – The Diplomat

1 month ago

Bitcoin, Ether extend gains; XRP biggest winner in top 10

1 month ago

© 2022 Law Enforcement News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Cyber News
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Cyber News
  • Contact

© 2022 Law Enforcement News Hubb All rights reserved.