Microsoft releases monthly September patches for 5 ‘urgent’ vulnerabilities ZDNet

Microsoft announced on September 13, US time,64 vulnerabilitiesPublication of a monthly patch to correct Among these are 5 vulnerabilities classified as “Critical” and 1 in progress.

This patch includes “Microsoft Windows” and its components, “Microsoft Azure” and “Azure Arc”, “.NET”, “Visual Studio”, “.NET Framework”, “Microsoft Edge” (based on “Chromium”), ” Office” and its components, “Windows Defender”, etc.

This patch isAs noted by the Zero Day InitiativeThis follows 14 vulnerabilities in Microsoft Edge (Chromium-based) and 1 vulnerability in Arm processors that allows speculative execution side-channel attacks.

Addressed in the September monthly patch,Vulnerabilities exploitedaffects the “Windows Common Log File System Driver”. An attacker must already have access to the target system and be able to execute code to exploit this vulnerability. This gives the attacker new privileges and allows him to carry out his attacks.

“This type of vulnerability is often used in conjunction with a form of social engineering that tricks you into opening a file or clicking a link,” the Zero Day Initiative said. It works with privileges and leads to system hacking.

Microsoft thanks researchers from DBAPPSecurity, Mandiant, CrowdStrike, and Zscaler for discovering this vulnerability.

The five critical vulnerabilities disclosed on the 13th could lead to remote code execution (RCE). Two of them are vulnerabilities that affect the on-premises version of Microsoft Dynamics 365. An authenticated user can execute an arbitrary SQL command by running a carefully crafted trust solution package that exploits these vulnerabilities. This allows an attacker to use it as a springboard to elevate privileges and run commands as db_owner in the Dynamics 365 database.

Two other critical vulnerabilities affect the “Protocol Extension” of Windows Internet Key Exchange (IKE). This allows an unauthenticated attacker to send specially crafted IP packets to a target machine to trigger an RCE.

The fifth critical vulnerability affects TCP/IP in Windows, allowing an unauthenticated attacker to send specially crafted IPv6 packets to Windows nodes with IPSec enabled. By sending them to , you can trigger an RCE.