Microsoft's September Patch Labobeli e rarolla bofokoli ba 63 ka letsatsi le le leng le sebelisitsoeng hampe.

Ka har'a patch patch bundle e lokollotsoeng Labobeli lena ke Microsoft, litokiso bakeng sa bofokoli ba 63 le ho pepeseha li fanoe. Bofokoli bo bohlano bo nkoa e le bo “Bohlokoa,” bo 57 ba bona ke “Bohlokoa,” ’me bo bong bo nkoa e le “bo Itekanetseng.” 

Haholo-holo, liphoso li entsoe ka Kotsi e le 'ngoe ea Tšireletso ea Feature Bypass Vulnerabilities tse supileng tsa Phatlalatso ea Tlhahisoleseding, tse supileng tsa Denial of Service Vulnerations, 18 Elevation of Privilety Vulnerabilities, le 30 Remote Code Execution Vulnerabilities. Haeba bofokoli bo kentsoeng ho Microsoft Edge pele ho Labobeli lena la Patch, palo eohle ea li-CVE e nyolohela ho 79.

Tse peli tsa bofokoli tseo li ile tsa senoloa phatlalatsa ka bofokoli ba matsatsi a zero, 'me e 'ngoe ea tsona (e lateloa e le "CVE-2022-37969 - Windows Common Log File System Driver Elevation of Privilege Vulnerability”) e hlalosoang e le "sebelisoa."

"Mohlaseli ea sebelisitseng hampe tlokotsi ena ka katleho a ka fumana litokelo tsa SYSTEM," Microsoft e boletse joalo ka boeletsi. Leha ho le joalo, senatla sa thekenoloji se nka ho tiea ha ts'oaetso ho "tlase" kaha "mokhoa ha o lumelle ts'ebetso ea khoutu e hole maemong ao mohlaseli a seng a se na bokhoni boo ho sistimi e shebiloeng." Litsebi tse ling tsa ts'ireletso, leha ho le joalo, ha li khotsofatsoe ke polelo ea Microsoft mme li hlahisitse matšoenyeho a tsona.

"Ho ba kotsing [CVE-2022-37969] e lekantsoe e le Bohlokoa, empa ka barekisi ba bangata ba ananetsoeng bakeng sa phatlalatso e hokahaneng le liketso tse netefalitsoeng naheng, tlokotsi ena e lokela ho nkuoa e le boima bo boholo ka lebaka la kotsi," Chris Goettl, Motlatsi oa Mopresidente. ea Tsamaiso ea Lihlahisoa bakeng sa lihlahisoa tsa ts'ireletso ho Ivanti, ho boletse Makasine ea Redmond.

Mike Walters, molaoli oa ts'ireletso ea cybersecurity ebile e le mothehi-mmoho oa software ea ho beha leihlo le taolo e hole ea Action1 Corporation, o boetse a re "bothata bo tlase" ba CVE-2022-37969 e ka ba bothata.

"Ha ho lintlha tse ling tsa tekheniki [mabapi le CVE-2022-37969] tse fumanehang, empa kaha tlokotsi e na le mathata a tlase 'me ha e hloke tšebelisano ea mosebelisi, tlatlapa e tla tloha e le pokellong ea likatiba tse tšoeu le likatiba tse ntšo," Walters o bolelletse Redmond. Mag.

Ho sa le joalo, Microsoft Dynamics 365 e angoa ke tse peli (CVE-2022-34700 le CVE-2022-35805) ea bofokoli ba bohlano ba bohlokoa bo ka lumellang ts'ebetso ea khoutu e hole. Tse peli tsa tsona (CVE-2022-34721 le CVE-2022-34722) li hokahane le Windows Internet Key Exchange Protocol Extensions, athe ea ho qetela (CVE-2022-34718) e amana le Windows le TCP/IP.

Bofokoli ba ho qetela ho tse hlano tse mahlonoko, CVE-2022-34718, e hlalosoa e le "kotsi e kholo ka ho fetisisa" ke bafuputsi ba ts'ireletso ho. Cisco Talos kaha e na le lintlha tsa CVSS tsa 9.8 ho tse 10. Microsoft e boetse e e hlalositse e le "tlatlapa e ka bang teng." Leha ho le joalo, Bana ba Dustin ea lenaneo la bounty bug bug ea barekisi Trend Micro's Zero Day Initiative e boletse hore litsamaiso tse nang le IPv6 tse lumelletsoeng le IPSec e hlophisitsoeng ke tsona feela tse amehang. “Le ha litaba tse monate ho ba bang, haeba u sebelisa IPv6 (joalo ka tse ngata), mohlomong u ntse u sebelisa IPSec. Leka 'me u sebelise ntlafatso ena kapele, "Childs a eketsa.

Ka lehlakoreng le leng, leha mefokolo e 'meli ea bohlokoa, CVE-2022-34721 le CVE-2022-34722, e ama lihlahisoa tsohle tsa Windows Server mme e na le lintlha tse 9.8 CVSS, Walters o itse "ka bobeli li na le mathata a tlase bakeng sa tšebeliso."

Sharron Bennet

Morao tjena Posts

Joale u ka sebelisa litšoantšo e le khetho ho Liforomo tsa Microsoft

Microsoft joale e u lumella ho sebelisa litšoantšo e le likarabo ho Liforomo. Ho latela k'hamphani ea Redmond, tokollo ea karolo e na le…

lihora tse 2 fetileng

Lipontšo tse ncha tsa Braille ho Narrator li tla ho Windows 11 Insider Beta Build 22623.1020

Kamora beke ea phomolo, Microsoft e khutlile ho lokolla lihahi tse ncha bakeng sa ba Insider ho leka. Ntle le Windows…

lihora tse 3 fetileng

Letšoao la VPN le neng le patiloe pele le fihla ka molao Windows 11 Dev Build 25252

Microsoft e ea lokolla Windows 11 Preview Build 25252 to Dev Channel Insiders kajeno, 'me e fana ka chebahalo e ncha ea ...

lihora tse 4 fetileng

Amazon Cyber ​​​​Monday Deal: theolelo e kholo ho Surface Laptop 5

Haeba ha u so khone ho nka monyetla ka litheolelo tsa Black Friday, Cyber ​​​​Monday Deal ho Amazon e u tlisetsa…

lihora tse 12 fetileng

Elon Musk o batla ho eketsa moeli oa sebapali sa Twitter

Elon Musk o itokisetsa ho lokolloa ha licheke tse tharo tse ncha bakeng sa Verified bekeng ena. Empa Twitter tlasa Musk…

lihora tse 16 fetileng

Ketsahalo ea Samsung Galaxy S23 Unpacked e ka etsahala ka Hlakola selemong se tlang

Samsung e na le moetlo o molelele oa ho lokolla mohala oa eona oa pele oa mohala nakong ea kotara ea pele ea selemo se seng le se seng. Mme e…

lihora tse 18 fetileng