Microsoft Patch Tuesday – September 2022

Patch Tuesday is once again upon us. The September 2022 edition of Patch Tuesday brings us 63 fixes, with 5 rated as critical. We've listed the most important changes below.

⚡ TL;DR | Go Straight to the September 2022 Patch Tuesday Audit Report

Windows TCP/IP Remote Code Execution Vulnerability

Of the 5 critical vulnerabilities fixed in this Patch Tuesday, only one is more likely to be exploited. CVE-2022-34718 is a remote code execution vulnerability that received a CVSS score of 9.8. When exploited it would allow an unauthenticated attacker to send a specially crafted IPv6 packet to a Windows node where IPSec is enabled. This in turn could enable a remote code execution exploitation on that machine. However, this also means that only systems with the IPSec service running would be vulnerable to this attack.

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

Two of the critical vulnerabilities CVE-2022-34721 and CVE-2022-34722 are remote code execution vulnerabilities in the Windows Internet Key Exchange (IKE) protocol. More specifically, IKEv1. IKEv2 is not impacted. All Windows Servers are affected though because they accept both V1 and V2 packets. While these vulnerabilities are less likely to be exploited, they still received a CVSS score of 9.8 and should be addressed as soon as possible.

Just like with the vulnerability above, these vulnerabilities could allow an unauthenticated attacker to send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation.

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

The final two critical vulnerabilities that were addressed in this Patch Tuesday are a set of remote code execution vulnerabilities that affect the on-premises version of the Microsoft Dynamics CRM. CVE-2022-34700 and CVE-2022-35805 both received a CVSS score of 8.8, but they are once again less likely to be exploited.

These vulnerabilities would allow an authenticated user to run a specially crafted trusted solution package to execute arbitrary SQL commands. From there they would be able to escalate and execute commands as db_owner within their Dynamics 365 database. The fact that the user must be authenticated makes it harder to exploit these vulnerabilities.

Run the Patch Tuesday September 2022 Audit Report

To help manage your update progress, we've created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday September 2022 CVE Codes & Titles

CVE NumberCVE Title
CVE-2022-38020Visual Studio Code Elevation of Privilege Vulnerability
CVE-2022-38019AV1 Video Extension Remote Code Execution Vulnerability
CVE-2022-38013.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2022-38011Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-38010Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-38009Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38008Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38007Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability
CVE-2022-38006Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-38005Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-38004Windows Fax Service Remote Code Execution Vulnerability
CVE-2022-37969Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-37964Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37963Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2022-37962Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2022-37961Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-37959Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability
CVE-2022-37958SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability
CVE-2022-37957Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37956Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37955Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-37954DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2022-35841Windows Enterprise App Management Service Remote Code Execution Vulnerability
CVE-2022-35840Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-35838HTTP V3 Denial of Service Vulnerability
CVE-2022-35837Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-35836Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-35835Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-35834Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-35833Windows Secure Channel Denial of Service Vulnerability
CVE-2022-35832Windows Event Tracing Denial of Service Vulnerability
CVE-2022-35831Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2022-35830Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-35828Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
CVE-2022-35823Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2022-35805Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
CVE-2022-35803Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2022-34734Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-34733Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-34732Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-34731Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-34730Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-34729Windows GDI Elevation of Privilege Vulnerability
CVE-2022-34728Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-34727Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-34726Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-34725Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-34724Windows DNS Server Denial of Service Vulnerability
CVE-2022-34723Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability
CVE-2022-34722Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
CVE-2022-34721Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
CVE-2022-34720Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2022-34719Windows Distributed File System (DFS) Elevation of Privilege Vulnerability
CVE-2022-34718Windows TCP/IP Remote Code Execution Vulnerability
CVE-2022-34700Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability
CVE-2022-33679Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-33647Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-30200Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30196Windows Secure Channel Denial of Service Vulnerability
CVE-2022-30170Windows Credential Roaming Service Elevation of Privilege Vulnerability
CVE-2022-26929.NET Framework Remote Code Execution Vulnerability
CVE-2022-26928Windows Photo Import API Elevation of Privilege Vulnerability
CVE-2022-23960Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability

Receive the Latest Patch Tuesday Report for FREE Every Month

  • Hidden
  • This field is for validation purposes and should be left unchanged.

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

You may also like...

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​