10.12.2022
Microsoft Patch Tuesday, October 11, 2022
Date of Notice: 10/11/2022
Action Level - High
Description
Microsoft’s latest security update on Tuesday October 11, 2022, contains 84 CVEs, with two zero-days including one that is known to be exploited.
The exploited vulnerability, CVE-2022-41033, could be used by an attacker to gain SYSTEM privileges and has been observed in the wild.
Overall, 13 of the CVEs in this cycle are rated Critical. One Important vulnerability is known to be exploited currently, and one has been publicly disclosed.
Remediation
Ensure your devices are running current patches per vendor guidance. Zero Day Initiative has a consolidated list here.