The Microsoft September 2022 security updates have been released and consist of 64 new CVEs. Of these CVEs, 5 are rated critical, 57 rated important, 1 rated moderate, and 1 rated low in severity. At the time of release, one is listed as publicly known and as under public active attack.
The security updates apply to the following products, features, and roles: .NET and Visual Studio, .NET Framework, Azure Arc, Cache Speculation, HTTP.sys, Microsoft Dynamics, Microsoft Edge (Chromium-based), Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Office Visio, Microsoft Windows ALPC, Microsoft Windows Codecs Library, Network Device Enrollment Service (NDES), Role: DNS Server, Role: Windows Fax Service, SPNEGO Extended Negotiation, Visual Studio Code, Windows Common Log File System Driver, Windows Credential Roaming Service, Windows Defender, Windows Distributed File System (DFS), Windows DPAPI (Data Protection Application Programming Interface), Windows Enterprise App Management, Windows Event Tracing, Windows Group Policy, Windows IKE Extension, Windows Kerberos, Windows Kernel, Windows LDAP - Lightweight Directory Access Protocol, Windows ODBC Driver, Windows OLE, Windows Photo Import API, Windows Print Spooler Components, Windows Remote Access Connection Manager, Windows Remote Procedure Call, Windows TCP/IP, and Windows Transport Security Layer (TLS).
See the list of KBs at the bottom of the page at September 2022 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds.
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative -- The September 2022 Security Update Review.
Additional Update Notes:
- MSRT -- The Malicious Software Removal Tool is now run on a quarterly basis rather than monthly. See Remove specific prevalent malware with Windows Malicious Software Removal Tool.
- Servicing Stack Updates -- Microsoft now combines the latest servicing stack update (SSU) for your operating system with the Latest Cumulative Updates (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.
- Windows updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows, in addition to non-security updates. The updates are also available via search for the KB number in the Microsoft Update Catalog.
- For information on lifecycle and support dates for Windows 10 and Windows 11 operating systems, please see Windows 10 Home and Pro - Microsoft Lifecycle | Microsoft Docs and Windows 11 Home and Pro (Version 21H2) - Microsoft Lifecycle | Microsoft Docs.
- Windows Update History:
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment