Patch Tuesday: Microsoft fixes 64 new vulnerabilities, including five critical


Microsoft disclosed 64 vulnerabilities on Tuesday, including five critical ones (and one already exploited). The patches address Common Vulnerabilities and Exposures (CVEs) in Microsoft Windows and its components, Azure and Azure Arc, .NET, Visual Studio and .NET Framework, Microsoft Edge (Chromium-based), Office and its components, Windows Defender and the Linux kernel.

These fixes are in addition to 15 other fixes for CVEs in Microsoft Edge (Chromium-based) as well as a fix for side channel speculation in Arm processors, as noted by Zero Day Initiative.

For comparison, Microsoft had disclosed 141 critical flaws in August. The only exploited flaw disclosed during this Patch Tuesday is in the Windows Common Journaling File System driver. To exploit it, the attacker must already have access to the system and be able to execute code on it. The flaw lets the attacker gain new privileges, which they can then use to carry out an attack.

The targeted TCP/IP protocol

“Bugs of this nature are often wrapped up in some form of social engineering attack, such as convincing someone to open a file or click on a link,” notes Zero Day Initiative. “Once they do, additional code runs with elevated privileges to take control of a system.” Microsoft credited researchers from DBAPPSecurity, Mandiant, CrowdStrike, and Zscaler for identifying this vulnerability.

The five critical flaws disclosed on Tuesday are all remote code execution (RCE) vulnerabilities. Of these, two impact on-premises versions of Microsoft Dynamics 365. These CVEs allow an authenticated user to run a specially crafted package of trusted solutions to execute arbitrary SQL commands. From there, the attacker can escalate privileges and run commands as db_owner in their Dynamics 365 database.

Two other critical flaws impact Windows Internet Key Exchange (IKE) protocol extensions, allowing an unauthenticated attacker to send a specially crafted IP packet to a target machine. The last critical flaw impacts Windows TCP/IP, allowing an unauthenticated attacker to send a specially crafted IPv6 packet to a Windows node where IPsec is enabled.

Source: ZDNet.com




