Millions of Microsoft Users Warned of Urgent Security Vulnerability: CVE- 2022-37969 Vulnerability Fixed

Microsoft has just rolled out new security patches for a zero-day vulnerability that has long been exploited by attackers. In total, 63 security vulnerabilities have been identified and fixed in the first half of September.

Microsoft has Released a Security Update to Potentially Fix the 63 Different Vulnerabilities that have been Spotted

According to the story by Forbes, Microsoft is reportedly rolling out its latest set of security fixes which aims to fix another zero-day vulnerability that the company itself confirmed. Millions of users are now being advised to apply the security updates as fast as they can.

To sum everything up, there have been 63 different security vulnerabilities that have been spotted and patched throughout the month alone. Out of all these vulnerabilities, five of them were classified as critical, while one of them was already actively being exploited.

The Vulnerability was Called CVE- 2022-37969 and was Given a Severity Rating of 7.8

The vulnerability that was actively being exploited was given the name CVE-2022-37969 and gained a 7.8 severity rating putting it in the higher-risk bracket. The vulnerability reportedly affects different versions, including Windows 7 all the way to Windows 11.

Other systems affected include the Windows Server 2008 and the Windows Server 2012. This is reportedly an elevation of the privilege vulnerability that can be found in the Common Log File System of Windows.

The Company Confirmed that If an Attack Happened Using the Vulnerability, Users Devices Could be Affected

The company has confirmed that should a successful attack happen, the attackers would be able to gain control of the system privileges. This would then result in them taking control of the machine as well as the exploit code.

An article by Bleeping Computer provided an outline regarding the type of vulnerabilities found and their classifications. There were sixteen vulnerabilities included that affected Microsoft Edge but were fixed even before the recent patch.

Here are the Different Vulnerabilities and Their Classifications:

  • Remote Code Execution Vulnerabilities - 30 found

  • Elevation of Privilege Vulnerabilities - 18 found

  • Edge - Chromium Vulnerabilities - 16 found (already fixed)

  • Information Disclosure Vulnerabilities - 7 found

  • Denial of Service Vulnerabilities - 7 found

  • Security Feature Bypass Vulnerabilities - 1 found

How Users Can Improve the Security of Their Devices by Updating Them

An article by The Sun provides users with a guide regarding how to protect their devices, including the most important step, which is updating their devices. In order to do so, users will first have to first go to their device's Settings.

Once users are in the Settings option, they will have to go to the Update & Security option and click on Windows Update. Microsoft will also send out a notification to alert device owners whenever there is pressing material information that could affect the security of the customer, and when this happens, users are urged to follow the steps provided in the update or notification.

Related Article: Google Chrome Security Vulnerability Spotted: Browser Update is Demanded to Protect Against CVE-2022-307

This article is owned by Tech Times

Written by Urian B.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics