Microsoft usually releases a new security update for Windows every month. This company with approval Zero day vulnerability (Zero-Day) on their desktop OS, advised users to apply the new security update on their system as soon as possible.
This month, about 63 security vulnerabilities in Windows have been identified and fixed, of which five have been marked as critical vulnerabilities. Additionally, the CVE-2022-37969 bug is said to have been exploited by attackers for some time.
What is CVE-2022-37969?
to report ForbesCVE-2022-37969 has a vulnerability rating of 7.8 and affects Windows 7 to 11, as well as Windows Server 2008 and 2012. This security bug is related to the Windows shared file reporting system. Microsoft has confirmed that attackers with a successful attack through this vulnerability can gain the necessary privileges to control the target system, and the malicious code (Expliot) related to this bug is also available.
Although the need for physical access to the target system in order to use CVE-2022-37969 will reduce the possibility of attackers executing arbitrary code, even in this situation, it cannot be said that this vulnerability is insignificant. In fact, the attacker can use a different bug or a phishing attack and by tricking the target to click on an infected link, to gain the privileges of this vulnerability and, as a result, gain access to the control of his system.
Mike WaltersAction1 Cyber Security Manager said of the CVE-2022-37969 vulnerability.
Since this bug is not very complex and does not require user interaction to take advantage of it, it will probably be widely exploited by both white hat and black hat hackers. Therefore, it is recommended to install the security patch related to this problem on your system as soon as possible.
What other vulnerabilities have been fixed in this week’s Microsoft security patch?
Mike Walters, cited three other vulnerabilities as important bugs recently discovered in Windows. CVE-2022-34722 and CVE-2022-34721 allow remote code execution via the Windows Internet Key Exchange (IKE) protocol, and both have a score of 9.8, making them classified as critical vulnerabilities. These two bugs also have little complexity and attackers can use them to penetrate the user’s system without the need for user interaction.
Another vulnerability, identified as CVE-2022-34718, allows remote code execution via the Windows TCP/IP protocol. waltz It says the nature of the bug makes it more likely to be exploited. He further explains:
CVE-2022-34718 vulnerability allows a network attack to affect systems running the IPsec service; Therefore, users are advised to disable IPsec as soon as possible if they do not need it.
According to Waltz, attackers are using so-called supply chain attacks to exploit the CVE-2022-34718 vulnerability; Where the IPsec service creates a communication tunnel between the server and the client. Therefore, if you use IPsec tunnels in your Windows infrastructure, we recommend that you install the new Microsoft security update on your operating system as soon as possible.