Patch Tuesday Fixes Actively Exploited MOTW Vulnerability

Microsoft’s December 2022 Patch Tuesday includes fixes for over four dozen vulnerabilities, six of them critical – including a zero-day flaw in the SmartScreen security tool, CVE-2022-44698, that’s being actively exploited.

Regarding that flaw, Microsoft observed, “An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.”

The Magniber ransomware group has been leveraging the flaw to target victims for the past few months. 0patch released a temporary micropatch in October, but Microsoft’s official patch now supersedes that fix.

Other Key Updates

Syxsense founder and CEO Ashley Leonard noted by email that it’s a relatively small Patch Tuesday, which should be welcome news for most companies as the holidays approach. “But with two zero days, it’s crucial that all IT departments deploy the recommended patches to reduce serious risk,” he said.

In addition to the SmartScreen MOTW flaw, Leonard highlighted CVE-2022-44710, a privilege escalation vulnerability in the…
