Today’s VERT Alert addresses Microsoft’s December 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1034 on Wednesday, December 14th.
In-The-Wild & Disclosed CVEs
CVE-2022-44698 (Windows SmartScreen) allows a malicious individual to bypass SmartScreen, which performs a reputation check based on Mark of the Web identifiers. We saw CVE-2022-41091 released last month, which was widely discussed on social media and bypassed Mark of the Web. Successful exploitation of this month's vulnerability, which has seen public exploitation, could allow a malicious file to evade Mark of the Web defenses.
AppContainer provides an isolated execution environment, limiting resources based on the concept of least privilege. A vulnerability in DirectX, CVE-2022-44710, could allow a successful attacker to escape a contained execution environment and gain SYSTEM-level privileges by exploiting a race condition. According to Microsoft, this vulnerability has been publicly disclosed but is not currently seeing active exploitation.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per-tag basis. Vulnerabilities are also color-coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
| Tag | CVE Count | CVEs |
| --- | --- | --- |
| Windows Secure Socket Tunneling Protocol (SSTP) | 2 | CVE-2022-44676, CVE-2022-44670 |
| Windows Error Reporting | 1 | CVE-2022-44669 |
| Windows HTTP Print Provider | 1 | CVE-2022-44678 |
| SysInternals | 1 | CVE-2022-44704 |
| Microsoft Dynamics | 1 | CVE-2022-41127 |
| Windows DirectX | 1 | CVE-2022-44710 |
| Windows PowerShell | 1 | CVE-2022-41076 |
| Microsoft Office SharePoint | 2 | CVE-2022-44690, CVE-2022-44693 |
| Microsoft Windows Codecs Library | 3 | CVE-2022-44667, CVE-2022-44668, CVE-2022-44687 |
| Microsoft Office Visio | 3 | CVE-2022-44694, CVE-2022-44695, CVE-2022-44696 |
| Microsoft Graphics Component | 12 | CVE-2022-44679, CVE-2022-44680, CVE-2022-44697, CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-41074, CVE-2022-41121, CVE-2022-44671, CVE-2022-47211, CVE-2022-47212, CVE-2022-47213 |
| Windows Kernel | 2 | CVE-2022-44683, CVE-2022-44707 |
| Microsoft Bluetooth Driver | 2 | CVE-2022-44674, CVE-2022-44675 |
| Microsoft Office | 1 | CVE-2022-44692 |
| Client Server Run-time Subsystem (CSRSS) | 1 | CVE-2022-44673 |
| Windows Projected File System | 1 | CVE-2022-44677 |
| Windows Subsystem for Linux | 1 | CVE-2022-44689 |
| Windows SmartScreen | 1 | CVE-2022-44698 |
| Windows Fax Compose Form | 1 | CVE-2022-41077 |
| .NET Framework | 1 | CVE-2022-41089 |
| Windows Contacts | 1 | CVE-2022-44666 |
| Azure | 1 | CVE-2022-44699 |
| Microsoft Office Outlook | 2 | CVE-2022-24480, CVE-2022-44713 |
| Windows Print Spooler Components | 1 | CVE-2022-44681 |
| Role: Windows Hyper-V | 2 | CVE-2022-44682, CVE-2022-41094 |
| Microsoft Office OneNote | 1 | CVE-2022-44691 |
| Microsoft Edge (Chromium-based) | 24 | CVE-2022-4174, CVE-2022-4175, CVE-2022-4177, CVE-2022-4178, CVE-2022-4179, CVE-2022-4180, CVE-2022-4181, CVE-2022-4182, CVE-2022-4183, CVE-2022-4184, CVE-2022-4185, CVE-2022-4186, CVE-2022-4187, CVE-2022-4188, CVE-2022-4189, CVE-2022-4190, CVE-2022-4191, CVE-2022-4192, CVE-2022-4193, CVE-2022-4194, CVE-2022-4195, CVE-2022-44688, CVE-2022-44708, CVE-2022-41115 |
| Windows Terminal | 1 | CVE-2022-44702 |
Other Information
At the time of publication, there were no new advisories included with the December Security Guidance.