Jump to content

Patch Tuesday December 2022 - Items of interest


Recommended Posts

At a quick glance, here are the vulnerabilities I found interesting in the latest patch. 

CVE-2022-44670 RCE in Windows SSL Tunnel (SSTP) on Server 2008 & 2012 - CVSS 8.1 (unsure if default/common feature)

CVE-2022-41089 RCE in .NET framework 3.5, 4.6, 4.8 - CVSS 8.8

CVE-2022-41076 RCE in PowerShell on Server 2008 & 2012 (CVSS 8.5)

CVE-2022-47213 Local RCE in Microsoft Office graphics - CVSS 7.8

CVE-2022-44687 Local RCE in the RAW Image Extension - CVSS 7.8 (nondefault feature)

CVE-2022-44702 RCE in Windows Terminal for Windows 10 and 11 - CVSS 7.8 (nondefault feature, probably low risk)

CVE-2022-44667/CVE-2022-44668 RCE in Windows Media on Server 2012 to 2022 - CVSS 7.8

  • Like 2
Link to comment
Share on other sites

The CVE-2022-41076 puzzles me a bit. It says it can be exploited via Network so I am wondering how bad this could be and if this could be coupled with WinRM (or something else that can be used for Powershell remoting) to "automaticall distribute" the exploitation of the vulnerability in a given environment.

I have found no additional info apart from the fact that MS says that the attack complexity is high. Did I miss some interesting info?


Also @MalwareTech why did you mention only Win 2008 et Win 2012 for this CVE? The MSRC page shows releases for other version of Windows (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41076). But I am notoriously bad at understanding Microsoft's documentation so I might be wrong 🙂

Edited by Elched
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...