
Microsoft patched 62 CVEs (excluding CVEs for Chromium bugs) in its September 2022 Patch Tuesday release, with five rated as critical and 57 rated as important. This is a lighter release than August 2022.

This month’s update includes patches for the following products:
- .NET and Visual Studio
- .NET Framework
- Azure
- Azure Arc
- Cache Speculation
- HTTP.sys
- Microsoft Dynamics
- Microsoft Edge (Chromium-based)
- Microsoft Graphics Component
- Microsoft Office
- Microsoft Office SharePoint
- Microsoft Office Visio
- Microsoft Windows ALPC
- Microsoft Windows Codecs Library
- Network Device Enrollment Service (NDES)
- Role: DNS Server
- Role: Windows Fax Service
- SPNEGO Extended Negotiation
- Visual Studio Code
- Windows Common Log File System Driver
- Windows Credential Roaming Service
- Windows Defender
- Windows Distributed File System (DFS)
- Windows DPAPI (Data Protection Application Programming Interface)
- Windows Enterprise App Management
- Windows Event Tracing
- Windows Group Policy
- Windows IKE Extension
- Windows Kerberos
- Windows Kernel
- Windows LDAP – Lightweight Directory Access Protocol
- Windows ODBC Driver
- Windows OLE
- Windows Photo Import API
- Windows Print Spooler Components
- Windows Remote Access Connection Manager
- Windows Remote Procedure Call
- Windows TCP/IP
- Windows Transport Security Layer (TLS)

Windows Common Log File System Driver EoP Vulnerability
CVE-2022-37969 is an EoP vulnerability in the Windows Common Log File System (CLFS) Driver. This vulnerability is a post-exploitation bug that has been exploited in the wild and was disclosed prior to a patch being available.
CVE-2022-24521, a similar vulnerability in CLFS that was also exploited in the wild, was patched earlier this year as part of Microsoft’s April Patch Tuesday release. It is currently unclear whether CVE-2022-37969 is a patch bypass for CVE-2022-24521.
Windows TCP/IP RCE Vulnerability
CVE-2022-34718 is an RCE in Windows TCP/IP with a CVSSv3 score of 9.8 and was rated Exploitation More Likely. This vulnerability can only be exploited against systems with Internet Protocol Security (IPsec) enabled. Successful exploitation could grant an unauthenticated attacker remote code execution. Microsoft has released patches for all supported versions of Windows, including Server Core editions.
Windows Internet Key Exchange (IKE) Protocol Extensions RCE Vulnerability
CVE-2022-34721 and CVE-2022-34722 are RCE vulnerabilities in the Windows IKE protocol extensions with a CVSSv3 score of 9.8 and were rated Exploitation Less Likely.
The IKE protocol is a component of IPsec used to set up security associations. These vulnerabilities would allow an unauthenticated, remote attacker to send a specially crafted IP packet to a target with IPsec enabled and achieve remote code execution. IPsec is used to protect sensitive data and is commonly used in virtual private networks. Also patched this month are CVE-2022-34720, a DoS flaw in the IKE Protocol Exchange, and CVE-2022-35830, an RCE vulnerability in the Remote Procedure Call runtime.
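Because the TCP/IP and IKE bugs above apply only to systems with IPsec enabled, a quick per-host inventory helps decide which machines to patch first. The following is an added example, not from the original article or from Microsoft; the service names `IKEEXT` and `PolicyAgent` and the function name `Get-IPsecExposure` are assumptions, and the result is a triage heuristic, not a vulnerability test.

```powershell
# Added example: triage whether this host appears to use IPsec/IKE.
# Heuristic only; it does not test for the vulnerabilities themselves.
function Get-IPsecExposure {
    [CmdletBinding()]
    param()

    # Service names are assumptions (not from the article):
    # IKEEXT = IKE and AuthIP IPsec Keying Modules, PolicyAgent = IPsec Policy Agent.
    $services = Get-Service -Name 'IKEEXT', 'PolicyAgent' -ErrorAction SilentlyContinue
    $running  = @($services | Where-Object { $_.Status -eq 'Running' })

    # Enabled IPsec rules in the effective (active) policy store.
    $rules = @(Get-NetIPsecRule -PolicyStore ActiveStore -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' })

    # IKE uses UDP 500, and UDP 4500 for NAT traversal.
    $ikePorts = @(Get-NetUDPEndpoint -LocalPort 500, 4500 -ErrorAction SilentlyContinue)
    $listeners = $ikePorts | ForEach-Object { "$($_.LocalAddress):$($_.LocalPort)" }

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        RunningServices  = ($running.Name -join ',')
        EnabledRuleCount = $rules.Count
        IkeUdpListeners  = ($listeners -join ',')
        # Flag the host when it has active IPsec rules or is listening for IKE.
        IPsecLikelyInUse = ($rules.Count -gt 0) -or ($ikePorts.Count -gt 0)
    }
}

Get-IPsecExposure | Format-List
```

Hosts reporting `IPsecLikelyInUse = True` are the ones to move to the front of the patch queue for CVE-2022-34718, CVE-2022-34721 and CVE-2022-34722.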
Windows Kernel EoP Vulnerability
CVE-2022-37956, CVE-2022-37957, and CVE-2022-37964 are EoP vulnerabilities impacting the Windows Kernel. All three have a CVSSv3 score of 7.8 and, if exploited, could allow an attacker to gain SYSTEM level privileges. Of the three, only CVE-2022-37957 was rated as Exploitation More Likely. All three impact various versions of Windows.
Microsoft Dynamics 365 Vulnerabilities
Two other critical vulnerabilities, CVE-2022-35805 and CVE-2022-34700, exist in on-premises instances of Microsoft Dynamics 365. An authenticated attacker could exploit these vulnerabilities to run a specially crafted trusted solution package and execute arbitrary SQL commands. The attacker could escalate their privileges further and execute commands as the database owner.
SharePoint Vulnerabilities
Four SharePoint remote code execution vulnerabilities, CVE-2022-35823, CVE-2022-38008, CVE-2022-38009, and CVE-2022-37961, would likely be exploited by an attacker that already has initial access to move laterally across the network. The bugs could impact organizations that use SharePoint for internal wikis or document stores, and attackers could exploit them to steal confidential information, replace documents with new versions that contain malicious code or inject macros to infect other systems.
Other notable bugs
- CVE-2022-34724 – Windows DNS Server Denial of Service Vulnerability
- CVE-2022-3075 – Chromium: CVE-2022-3075 Insufficient data validation in Mojo
Vulnerabilities summary
CVE | Title | CVSSv3 base score |
--- | --- | --- |
CVE-2022-38013 | .NET Core and Visual Studio Denial of Service Vulnerability | 7.5 |
CVE-2022-26929 | .NET Framework Remote Code Execution Vulnerability | 7.8 |
CVE-2022-23960 | Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability | N/A |
CVE-2022-38019 | AV1 Video Extension Remote Code Execution Vulnerability | 7.8 |
CVE-2022-38007 | Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-3038 | Chromium: CVE-2022-3038 Use after free in Network Service | N/A |
CVE-2022-3039 | Chromium: CVE-2022-3039 Use after free in WebSQL | N/A |
CVE-2022-3040 | Chromium: CVE-2022-3040 Use after free in Layout | N/A |
CVE-2022-3041 | Chromium: CVE-2022-3041 Use after free in WebSQL | N/A |
CVE-2022-3044 | Chromium: CVE-2022-3044 Inappropriate implementation in Site Isolation | N/A |
CVE-2022-3045 | Chromium: CVE-2022-3045 Insufficient validation of untrusted input in V8 | N/A |
CVE-2022-3046 | Chromium: CVE-2022-3046 Use after free in Browser Tag | N/A |
CVE-2022-3047 | Chromium: CVE-2022-3047 Insufficient policy enforcement in Extensions API | N/A |
CVE-2022-3053 | Chromium: CVE-2022-3053 Inappropriate implementation in Pointer Lock | N/A |
CVE-2022-3054 | Chromium: CVE-2022-3054 Insufficient policy enforcement in DevTools | N/A |
CVE-2022-3055 | Chromium: CVE-2022-3055 Use after free in Passwords | N/A |
CVE-2022-3056 | Chromium: CVE-2022-3056 Insufficient policy enforcement in Content Security Policy | N/A |
CVE-2022-3057 | Chromium: CVE-2022-3057 Inappropriate implementation in iframe Sandbox | N/A |
CVE-2022-3058 | Chromium: CVE-2022-3058 Use after free in Sign-In Flow | N/A |
CVE-2022-3075 | Chromium: CVE-2022-3075 Insufficient data validation in Mojo | N/A |
CVE-2022-37954 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-35838 | HTTP V3 Denial of Service Vulnerability | 7.5 |
CVE-2022-35828 | Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-35805 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34700 | Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | 8.8 |
CVE-2022-38012 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 7.7 |
CVE-2022-34726 | Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34727 | Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34730 | Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34732 | Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34734 | Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 |
CVE-2022-38010 | Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 |
CVE-2022-37963 | Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 |
CVE-2022-35834 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-35835 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-35836 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-35840 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34731 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-34733 | Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-37962 | Microsoft PowerPoint Remote Code Execution Vulnerability | 7.8 |
CVE-2022-35823 | Microsoft SharePoint Remote Code Execution Vulnerability | 8.1 |
CVE-2022-38008 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-38009 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-37961 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 |
CVE-2022-37959 | Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | 6.5 |
CVE-2022-38011 | Raw Image Extension Remote Code Execution Vulnerability | 7.3 |
CVE-2022-35830 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 |
CVE-2022-37958 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability | 7.5 |
CVE-2022-38020 | Visual Studio Code Elevation of Privilege Vulnerability | 7.3 |
CVE-2022-34725 | Windows ALPC Elevation of Privilege Vulnerability | 7 |
CVE-2022-37969 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-35803 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-30170 | Windows Credential Roaming Service Elevation of Privilege Vulnerability | 7.3 |
CVE-2022-34719 | Windows Distributed File System (DFS) Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-34724 | Windows DNS Server Denial of Service Vulnerability | 7.5 |
CVE-2022-34723 | Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability | 5.5 |
CVE-2022-35841 | Windows Enterprise App Management Service Remote Code Execution Vulnerability | 8.8 |
CVE-2022-35832 | Windows Event Tracing Denial of Service Vulnerability | 5.5 |
CVE-2022-38004 | Windows Fax Service Remote Code Execution Vulnerability | 7.8 |
CVE-2022-34729 | Windows GDI Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-38006 | Windows Graphics Component Information Disclosure Vulnerability | 6.5 |
CVE-2022-34728 | Windows Graphics Component Information Disclosure Vulnerability | 5.5 |
CVE-2022-35837 | Windows Graphics Component Information Disclosure Vulnerability | 5 |
CVE-2022-37955 | Windows Group Policy Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-34720 | Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | 7.5 |
CVE-2022-34721 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 9.8 |
CVE-2022-34722 | Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability | 9.8 |
CVE-2022-33679 | Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
CVE-2022-33647 | Windows Kerberos Elevation of Privilege Vulnerability | 8.1 |
CVE-2022-37964 | Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-37957 | Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-37956 | Windows Kernel Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-30200 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | 7.8 |
CVE-2022-26928 | Windows Photo Import API Elevation of Privilege Vulnerability | 7 |
CVE-2022-38005 | Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 |
CVE-2022-35831 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 |
CVE-2022-30196 | Windows Secure Channel Denial of Service Vulnerability | 8.2 |
CVE-2022-35833 | Windows Secure Channel Denial of Service Vulnerability | 7.5 |
CVE-2022-34718 | Windows TCP/IP Remote Code Execution Vulnerability | 9.8 |