Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5017392
HistorySep 13, 2022 - 7:00 a.m.

September 13, 2022— KB5017392 (OS Build 20348.916)

2022-09-1307:00:00
Microsoft
support.microsoft.com
12

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.24 Low

EPSS

Percentile

96.5%

JSON

September 13, 2022— KB5017392 (OS Build 20348.916)

Improvements and fixes

This security update includes quality improvements. Key changes include:

  • This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
    If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

How to get this update

Before installing this update

Microsoft now combines the latest servicing stack update (SSU) for your operating system with the hotpatch update. For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update or Windows Server Update Services (WSUS), the latest SSU will be installed with this update.

Install this update

Release Channel Available Next Step
Windows Update Yes None. This update will be downloaded and installed automatically from Windows Update.
Microsoft Update Catalog No To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows Server 2022 Datacenter: Azure Edition HotpatchClassification: Security Updates

File information

For a list of the files that are provided in this update, download the file information for cumulative update 5017392.For a list of the files that are provided in the servicing stack update, download the file information for the SSU - version 20348.945.

Related

nessus 10
mskb 14
openvas 7
kaspersky 2
talosblog 1
rapid7blog 1
avleonov 1
malwarebytes 1
thn 3
googleprojectzero 1
zdt 1
krebs 1
qualysblog 1
trellix 2
githubexploit 5
cve 43
mscve 40
pentestpartners 1
checkpoint_advisories 6
prion 42
schneier 1
hivepro 3
cnvd 3
zdi 2
attackerkb 3
veracode 1
securelist 1
github 1
osv 1
nessus
nessus
KB5017373: Windows Server 2008 R2 Security Update (September 2022)
2022-09-13 00:00:00
KB5017377: Windows Server 2012 Security Update (September 2022)
2022-09-13 00:00:00
KB5017365: Windows 8.1 and Windows Server 2012 R2 Security Update (September 2022)
2022-09-13 00:00:00
mskb
mskb
September 13, 2022—KB5017327 (OS Build 10240.19444)
2022-09-13 07:00:00
September 13, 2022—KB5017365 (Security-only update)
2022-09-13 07:00:00
September 13, 2022—KB5017315 (OS Build 17763.3406)
2022-09-13 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5017367)
2022-09-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5017305)
2022-09-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5017327)
2022-09-14 00:00:00
kaspersky
kaspersky
KLA19249 Multiple vulnerabilities in Microsoft Products (ESU)
2022-09-13 00:00:00
KLA19245 Multiple vulnerabilities in Microsoft Windows
2022-09-13 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday for September 2022 — Snort rules and prominent vulnerabilities
2022-09-13 18:01:00
rapid7blog
rapid7blog
Patch Tuesday - September 2022
2022-09-13 20:11:08
avleonov
avleonov
Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB
2022-09-23 22:44:11
malwarebytes
malwarebytes
Update now! Microsoft patches two zero-days
2022-09-14 12:00:00
thn
thn
Microsoft's Latest Security Update Fixes 64 New Flaws, Including a Zero-Day
2022-09-14 04:42:00
APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network
2022-11-09 13:47:00
Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month
2022-10-14 17:34:00
googleprojectzero
googleprojectzero
RC4 Is Still Considered Harmful
2022-10-27 00:00:00
zdt
zdt
Windows Kerberos RC4 MD4 Encryption Downgrade Privilege Escalation Vulnerability
2022-10-04 00:00:00
krebs
krebs
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
2022-09-14 00:23:45
qualysblog
qualysblog
September 2022 Patch Tuesday | Microsoft Releases 63 Vulnerabilities with 5 Critical, plus 16 Microsoft Edge (Chromium-Based); Adobe Releases 7 Advisories, 63 Vulnerabilities with 35 Critical.
2022-09-13 20:00:00
trellix
trellix
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
The Bug Report — September 2022 Edition
2022-10-05 00:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2022-11-02 18:38:01
Exploit for Vulnerability in Microsoft
2022-11-16 10:56:02
Exploit for Vulnerability in Microsoft
2022-11-29 18:34:08
cve
cve
CVE-2022-30196
2022-09-13 19:15:00
CVE-2022-35832
2022-09-13 19:15:00
CVE-2022-35837
2022-09-13 19:15:00
mscve
mscve
Windows Secure Channel Denial of Service Vulnerability
2022-09-13 07:00:00
Microsoft ODBC Driver Remote Code Execution Vulnerability
2022-09-13 07:00:00
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
2022-09-13 07:00:00
pentestpartners
pentestpartners
MS Enterprise app management service RCE. CVE-2022-35841
2022-10-13 05:48:43
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI Elevation of Privilege (CVE-2022-34729)
2022-09-13 00:00:00
Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2022-37954)
2022-09-13 00:00:00
Microsoft Windows ALPC Elevation of Privilege (CVE-2022-34725)
2022-09-13 00:00:00
prion
prion
Remote code execution
2022-09-13 19:15:00
Remote code execution
2022-09-13 19:15:00
Security feature bypass
2022-09-13 19:15:00
schneier
schneier
Critical Microsoft Code-Execution Vulnerability
2022-12-22 12:01:37
hivepro
hivepro
Microsoft Rolled Out SPNEGO NEGOEX Critical Vulnerability
2022-12-26 10:37:19
Microsoft busts an actively exploited zero-day and several critical flaws
2022-09-16 09:03:27
Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign
2022-11-30 11:46:31
cnvd
cnvd
Microsoft Windows has an unspecified vulnerability (CNVD-2022-63614)
2022-09-15 00:00:00
Microsoft Windows TCP/IP Remote Code Execution Vulnerability (CNVD-2022-63613)
2022-09-15 00:00:00
Microsoft Windows Internet has an unspecified vulnerability
2022-09-15 00:00:00
zdi
zdi
Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability
2022-09-19 00:00:00
Microsoft Windows DirectX Graphics Use-After-Free Local Privilege Escalation Vulnerability
2022-09-19 00:00:00
attackerkb
attackerkb
CVE-2022-30170
2022-09-13 00:00:00
CVE-2022-34721
2022-09-13 00:00:00
CVE-2022-37969
2022-09-13 00:00:00
veracode
veracode
Privilege Escalation
2022-12-08 14:17:02
securelist
securelist
Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)
2023-12-21 10:00:53
github
github
DSInternals Credential Roaming Elevation of Privilege Vulnerability
2022-12-06 21:13:49
osv
osv
DSInternals Credential Roaming Elevation of Privilege Vulnerability
2022-12-06 21:13:49

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.24 Low

EPSS

Percentile

96.5%

JSON
Related for KB5017392
nessus10mskb14openvas7kaspersky2talosblog1rapid7blog1avleonov1malwarebytes1thn3googleprojectzero1zdt1krebs1qualysblog1trellix2githubexploit5cve43mscve40pentestpartners1checkpoint_advisories6prion42schneier1hivepro3cnvd3zdi2attackerkb3veracode1securelist1github1osv1