Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. November 2022 Monthly Patch
Monthly Patch

November 2022 Monthly Patch

9 November 2022

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2022-Nov

Critical vulnerabilities

CVE Number

CVE Name

Base Score

Reference

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41128

CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41080

CVE-2022-41088

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41088

CVE-2022-41044

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41044

CVE-2022-41039

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41039

CVE-2022-37966

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability

8.1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37966

CVE-2022-41118

Windows Scripting Languages Remote Code Execution Vulnerability

7.5

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41118

CVE-2022-37967

Windows Kerberos Elevation of Privilege Vulnerability

7.2

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37967

CVE-2022-38015

Windows Hyper-V Denial of Service Vulnerability

6.5

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38015

CVE-2022-39327

GitHub: CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI

TBD

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-39327


Back to top