Microsoft Ending 2022's Security Patching with 2 Zero Day Updates
Microsoft's final security update of the year arrived on Tuesday, fixing a total of 49 flaws, including 6 bulletin items rated "critical."
If that number sounds lower than recent months, it's because it is. "December is typically a light month for Microsoft patches, and this year is no exception," wrote security expert Dustin Childs in his Zero Day Initiative blog. "It's also the smallest monthly release this year. Overall, 2022 was Microsoft’s second busiest ever with Microsoft fixing over 900 CVEs in total."
The big-ticket items in December's security update are the two zero day vulnerability fixes, which should be applied as soon as possible. If looking for an order, prioritize CVE-2022-44698, a currently exploited flaw in Windows SmartScreen in which "an attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging," according to Microsoft.
This flaw fix stretches across all supported versions of Windows OS and Windows Server.
Next, IT should set its sights on bulletin CVE-2022-44710. This addresses an elevation of privilege vulnerability in the DirectX Graphics Kernel in Windows 11 that could lead to full access of a system, if exploited. Fortunately, Microsoft has yet to see any active attacks targeting the flaw. But because it is publicly known, that won't be the case for long.
Microsoft has classified this fix as "moderate" and said that if attacks are developed, they would need a high degree of complexity to execute against a targeted system.
December 'Critical' Items
After the two items above have been addressed, it would be wise to focus on the six bulletins rated "critical" for December. They include:
- CVE-2022-41127: Remote code execution vulnerability in Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (on premises).
- CVE-2022-44693: Remote code execution vulnerability in Microsoft SharePoint Server.
- CVE-2022-44690: Remote code execution vulnerability in Microsoft SharePoint Server.
- CVE-2022-41076: Remote code execution vulnerability in PowerShell.
- CVE-2022-44670: Remote code execution vulnerability in Windows Secure Socket Tunneling Protocol (SSTP).
- CVE-2022-44676: Remote code execution vulnerability in Windows Secure Socket Tunneling Protocol (SSTP).
Windows 10 version 21H1 Loses Support
With today's patch, Microsoft has officially sunsetted Windows 10 version 21H1, which will not be included in future cumulative security updates and feature improvements. Those running the older version of Windows 10, also known as the May 2021 Update, should migrate to a newer version of Windows 10 or jump to Windows 11.
Next year will kick off with Microsoft ending extended security update support for Windows 7 and Windows 8.1 in January.