Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between the September and October Patch Tuesdays. As usual, I use my open-source Vulristics project to create the report.



All vulnerabilities: 105

Urgent: 2

Critical: 1

High: 29

Medium: 71

Low: 2



00:28 Remote Code Execution – Microsoft Exchange (CVE-2022-41040, CVE-2022-41082) #ProxyNotShell

01:39 Elevation of Privilege – Windows COM+ Event System Service (CVE-2022-41033)

02:33 3 vulnerabilities with Proof-of-Concept Exploit according to CVSS

03:26 Elevation of Privilege – Active Directory (CVE-2022-37976)

04:03 Elevation of Privilege – Azure Arc-enabled Kubernetes cluster Connect (CVE-2022-37968)

04:43 Remote Code Execution – Microsoft Office (CVE-2022-38048)



Video: https://youtu.be/NJmLgAjyxmE

Video2 (for Russia): https://vk.com/video-149273431_456239106

Blogpost: https://avleonov.com/2022/10/29/microsoft-patch-tuesday-october-2022-exchange-proxynotshell-rce-windows-com-eop-ad-eop-azure-arc-kubernetes-eop/

Full report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_october2022_report_with_comments_ext_img.html



@avleonovcom #microsoft #patchtuesday