• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

October 2022 Patch Tuesday: 13 Critical, One Actively Exploited

Microsoft's October 2022 Patch Tuesday includes an actively exploited vulnerability in Windows COM+ Event System Service.

October 11, 2022 Zachary Comeau Leave a Comment

June 2023 Patch Tuesday. Patch Tuesday,

Microsoft has released fixes for 85 vulnerabilities as part of the October 2022 Patch Tuesday, including 15 that are rated critical and one listed as being exploited in the wild.

However, the company still has yet to release patches for the two Exchange vulnerabilities that were reported as being actively exploited last week. Admins should continue to follow Microsoft’s guidance on workarounds until official fixes are released.

In the meantime, IT admins still have a number of vulnerabilities to prioritize this month.

CVE-2022-41033 – Windows COM+ Event System Service Elevation of Privilege Vulnerability

According to Microsoft, this bug in Windows COM+ Event System Service could give an attacker SYSTEM privileges. The CVSS score of 7.8 isn’t all that high, but since it is being actively exploited, this is one admins should prioritize, says Satnam Narang, senior staff research engineer at vulnerability management company Tenable.

The Windows COM+ Event System Service enables system event notifications for COM+ components. An authenticated attacker could execute a specially crafted application designed to exploit the bug on a vulnerable system and gain SYSTEM privileges.

This is likely paired with a code execution bug that involves some level of social engineering.

“Microsoft reports that this vulnerability has been exploited in the wild, though no specific details have been shared about its exploitation,” Narang says. “It was reported to Microsoft by an anonymous individual. While elevation of privilege vulnerabilities require an attacker to gain access to a system through other means, they are still a valuable tool in an attacker’s toolbox.”

CVE-2022-37968 – Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability

Nearly half of the bugs Microsoft fixed this month are elevation of privilege bugs, including this one which could allow an attacker to gain administrative control over Azure Arc-enabled Kubernetes clusters. According to Zero Day Initiative, Azure Stack Edge devices may also be impacted.

To exploit the bug remotely, attackers would first need to know the randomly

CVE-2022-38028 – Windows Print Spooler elevation of privilege vulnerability

This bug pairs another elevation of privilege flaw with yet another bug in Windows Print Spooler. Successful exploitation would allow an attacker to gain system privileges. Print Spooler bugs are nothing new, but this one was reported to Microsoft by the National Security Agency, the third such bug credited to the agency this year. With that in mind, make sure this one is also prioritized, Tenable researchers say.

CVE-2022-38048 – Microsoft Office Remote Code Execution Vulnerability

This is another critical-rated bug highlighted by ZDI, although the organization says Office bugs aren’t typically rated this high since they usually involve user interaction. The rating could result from the lack of warning dialogs when opening a specially crafted file. This could lead to passing an arbitrary pointer to a free call which  makes further memory corruption possible, ZDI notes.

CVE-2022-37976 – Active Directory Certificate Services elevation of privilege vulnerability

Another bug highlighted by Tenable researchers, this elevation of privilege flaw could result in a malicious Distributed Component Object Model (DCOM) client being used to entice a DCOM server to authenticate to the client, allowing an attacker to perform a cross-protocol attack and gain domain admin privileges.

Tenable researchers note that ransomware groups often seek out flaws and misconfigurations in Active Directory to spread malicious payloads across a victim’s network.

For more information and a complete list on the October 2022 Patch Tuesday updates, read these blogs from Tenable and ZDI.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Microsoft, Patch management, Patch Tuesday, Vulnerability Management

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.