Microsoft Patch Day in October 2022
For patch day in October, Microsoft released over 80 patches for Azure, Office, Windows & Co. The exchange loopholes that have recently become known have not yet been closed.
Microsoft users still have to wait for the much-awaited update for the Exchange vulnerabilities. On the patch day in October 2022, however, two other publicly known security gaps were closed.
The vulnerability CVE-2022-41033 “high” affects the COM+ event system and applies to all current Windows and Windows Server versions, up to Windows 10 and Windows 11 as well as Windows Server 2019 and Windows Server 2022. Attackers can take over a system by escalating access privileges and executing remote code. The malware is likely to enter networks via phishing attacks.
The CVE-2022-41043 “medium” vulnerability affects the LTSC versions from Office 2019 and 2021. This could leak information.
Generally, if you use Microsoft software, you should make sure that “Windows Update” is active and that all security updates are installed. In the default setting, this is automatically the case.
Securing Exchange servers
Exchange servers have been under attack since the end of September. The attackers use the two exchange vulnerabilities CVE-2022-41040 “high” and CVE-2022-41082 “medium” for malicious code attacks. Among other things, they push the ransomware Lockbit onto systems. All Exchange versions from Exchange Server 2013 onwards are affected by the vulnerabilities. When corresponding security updates will appear remains unclear, the current status Microsoft summed it up in a blog post.
In order to best protect their systems, Exchange admins should always install the latest updates for Exchange – especially the latest cumulative update for the respective Exchange version. The latter contains the so-called Emergency Mitigation Service, which helps to close the security gaps.