MalwareTech Posted December 13, 2022 Share Posted December 13, 2022 At a quick glance, here are the vulnerabilities I found interesting in the latest patch. CVE-2022-44670 RCE in Windows SSL Tunnel (SSTP) on Server 2008 & 2012 - CVSS 8.1 (unsure if default/common feature) CVE-2022-41089 RCE in .NET framework 3.5, 4.6, 4.8 - CVSS 8.8 CVE-2022-41076 RCE in PowerShell on Server 2008 & 2012 (CVSS 8.5) CVE-2022-47211- CVE-2022-47213 Local RCE in Microsoft Office graphics - CVSS 7.8 CVE-2022-44687 Local RCE in the RAW Image Extension - CVSS 7.8 (nondefault feature) CVE-2022-44702 RCE in Windows Terminal for Windows 10 and 11 - CVSS 7.8 (nondefault feature, probably low risk) CVE-2022-44667/CVE-2022-44668 RCE in Windows Media on Server 2012 to 2022 - CVSS 7.8 2 Link to comment Share on other sites More sharing options...
Elched Posted December 14, 2022 Share Posted December 14, 2022 (edited) The CVE-2022-41076 puzzles me a bit. It says it can be exploited via Network so I am wondering how bad this could be and if this could be coupled with WinRM (or something else that can be used for Powershell remoting) to "automaticall distribute" the exploitation of the vulnerability in a given environment. I have found no additional info apart from the fact that MS says that the attack complexity is high. Did I miss some interesting info? Also @MalwareTech why did you mention only Win 2008 et Win 2012 for this CVE? The MSRC page shows releases for other version of Windows (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41076). But I am notoriously bad at understanding Microsoft's documentation so I might be wrong 🙂 Edited December 14, 2022 by Elched typo Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now