October 2022 Patch Tuesday Updates Fix 85 Windows Vulnerabilities

Windows 11

Microsoft has released yesterday the October 2022 Patch Tuesday updates for all supported versions of Windows. This includes Windows 11 version 22H2, the latest version of the OS that has just started rolling out to more users

Overall, Microsoft fixed 85 security flaws in Windows, and there are also 11 fixes for Microsoft Edge vulnerabilities this month. Among the 85 Windows vulnerabilities addressed by Microsoft, 15 of them are rated Critical. The company also warned that there’s one zero-day vulnerability affecting the Windows COM+ event system service that’s already being exploited in the wild.

As pointed out by the Zero Day Initiative, Microsoft has yet to fix two Exchange Server vulnerabilities that have been actively exploited for the past two weeks. Organizations can still protect themselves by disabling remote PowerShell access for non-admin users in their organization. You can learn more details about current mitigations on the Microsoft Security Response Center blog post.

85 vulnerabilities fixed in the October 2022 Patch Tuesday updates

Here are some of the most important fixed vulnerabilities you should be aware of in this month’s Patch Tuesday updates: 

  • CVE-2022-41033: This is an Elevation of Privilege vulnerability affecting the Windows COM+ event system service. This is the only security flaw that Microsoft identified as already being exploited in the wild. 
  • CVE-2022-41043: This is a Microsoft Office vulnerability that has been publicly disclosed, but it has yet to be exploited. Attackers could leverage it to obtain user tokens and other potentially sensitive information.
  • CVE-2022-41038: This critical Remote Code Execution vulnerability in Microsoft SharePoint Server could allow an authenticated attacker with Manage List permissions to execute code remotely on the SharePoint Server.
  • CVE-2022-37979: This critical Elevation of Privilege vulnerability in Windows Hyper-V could allow a Hyper-V guest to affect the functionality of the Hyper-V host.
  • CVE-2022-37976: This Active Directory Certificate Services Elevation of Privilege Vulnerability could allow attackers to gain domain administrator privileges by using a malicious DCOM client.

You can find the full list of CVEs released by Microsoft with the October 2022 Patch Tuesday updates below:

ProductImpactMax SeverityArticleDetails
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionCritical5018474CVE-2022-22035
Windows Server 2012 R2 (Server Core installation)Remote Code ExecutionCritical5018476CVE-2022-22035
Windows Server 2012 R2Remote Code ExecutionCritical5018474CVE-2022-22035
Windows Server 2012 R2Remote Code ExecutionCritical5018476CVE-2022-22035
Windows Server 2012 (Server Core installation)Remote Code ExecutionCritical5018457CVE-2022-22035
Windows Server 2012 (Server Core installation)Remote Code ExecutionCritical5018478CVE-2022-22035
Windows Server 2016Remote Code ExecutionCritical5018411CVE-2022-30198
Windows 10 Version 1607 for 32-bit SystemsRemote Code ExecutionCritical5018411CVE-2022-22035
Windows 10 for 32-bit SystemsInformation DisclosureImportant5018425CVE-2022-38043
Windows 10 Version 21H2 for 32-bit SystemsRemote Code ExecutionCritical5018410CVE-2022-30198
Windows 11 for ARM64-based SystemsRemote Code ExecutionCritical5018418CVE-2022-22035
Windows 11 for x64-based SystemsRemote Code ExecutionCritical5018418CVE-2022-22035
Windows RT 8.1Denial of ServiceImportant5018474CVE-2022-38041
Windows 10 Version 21H1 for 32-bit SystemsRemote Code ExecutionCritical5018410CVE-2022-22035
Windows 10 Version 21H1 for ARM64-based SystemsRemote Code ExecutionCritical5018410CVE-2022-22035
Windows 10 Version 20H2 for ARM64-based SystemsInformation DisclosureImportant5018410CVE-2022-38043
Windows 10 Version 20H2 for 32-bit SystemsInformation DisclosureImportant5018410CVE-2022-38043
Windows Server 2022 (Server Core installation)Remote Code ExecutionCritical5018421CVE-2022-30198
Windows 10 Version 1809 for 32-bit SystemsDenial of ServiceImportant5018419CVE-2022-38041
Windows Server 2012Elevation of PrivilegeImportant5018457CVE-2022-37986
Windows Server 2012Elevation of PrivilegeImportant5018478CVE-2022-37986
Windows 10 Version 1809 for x64-based SystemsRemote Code ExecutionImportant5018419CVE-2022-38040
Windows Server 2016 (Server Core installation)SpoofingImportant5018411CVE-2022-35770
Windows 10 Version 1809 for ARM64-based SystemsElevation of PrivilegeImportant5018419CVE-2022-37987
Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5018410CVE-2022-37997
Windows 10 Version 21H2 for ARM64-based SystemsElevation of PrivilegeImportant5018410CVE-2022-37997
Windows 10 Version 20H2 for x64-based SystemsElevation of PrivilegeImportant5018410CVE-2022-37997
Windows Server 2022Elevation of PrivilegeImportant5018421CVE-2022-37997
Windows 8.1 for 32-bit systemsElevation of PrivilegeImportant5018474CVE-2022-37987
Windows 8.1 for 32-bit systemsElevation of PrivilegeImportant5018476CVE-2022-37987
Windows Server 2019Elevation of PrivilegeImportant5018419CVE-2022-38045
Windows Server 2012 R2 (Server Core installation)SpoofingCritical5016681CVE-2022-34689
Windows Server 2012 R2 (Server Core installation)SpoofingCritical5016683CVE-2022-34689
Windows Server 2012 R2SpoofingCritical5016681CVE-2022-34689
Windows Server 2012 R2SpoofingCritical5016683CVE-2022-34689
Windows Server 2012 (Server Core installation)SpoofingCritical5016672CVE-2022-34689
Windows Server 2012 (Server Core installation)SpoofingCritical5016684CVE-2022-34689
Windows Server 2012SpoofingCritical5016672CVE-2022-34689
Windows Server 2012SpoofingCritical5016684CVE-2022-34689
Windows 10 for 32-bit SystemsSpoofingCritical5016639CVE-2022-34689
Windows Server 2019SpoofingCritical5016623CVE-2022-34689
Windows 10 Version 1809 for ARM64-based SystemsSpoofingCritical5016623CVE-2022-34689
Windows 10 Version 1809 for x64-based SystemsSpoofingCritical5016623CVE-2022-34689
Windows Server 2019 (Server Core installation)Elevation of PrivilegeCritical5018419CVE-2022-37976
Windows 8.1 for x64-based systemsDenial of ServiceImportant5018474CVE-2022-38041
Windows 8.1 for x64-based systemsDenial of ServiceImportant5018476CVE-2022-38041
Windows 10 Version 1607 for x64-based SystemsElevation of PrivilegeImportant5018411CVE-2022-38028
Windows 10 for x64-based SystemsElevation of PrivilegeImportant5018425CVE-2022-38028
Windows 10 Version 1809 for 32-bit SystemsSpoofingCritical5016623CVE-2022-34689
Windows 10 Version 21H1 for x64-based SystemsRemote Code ExecutionCritical5018410CVE-2022-33634
Windows RT 8.1SpoofingCritical5016681CVE-2022-34689
Windows 8.1 for x64-based systemsSpoofingCritical5016681CVE-2022-34689
Windows 8.1 for x64-based systemsSpoofingCritical5016683CVE-2022-34689
Windows 8.1 for 32-bit systemsSpoofingCritical5016681CVE-2022-34689
Windows 8.1 for 32-bit systemsSpoofingCritical5016683CVE-2022-34689
Windows Server 2016 (Server Core installation)SpoofingCritical5016622CVE-2022-34689
Windows Server 2016SpoofingCritical5016622CVE-2022-34689
Windows 10 Version 1607 for x64-based SystemsSpoofingCritical5016622CVE-2022-34689
Windows 10 Version 1607 for 32-bit SystemsSpoofingCritical5016622CVE-2022-34689
Windows 10 for x64-based SystemsSpoofingCritical5016639CVE-2022-34689
Windows 10 Version 21H2 for x64-based SystemsSpoofingCritical5016616CVE-2022-34689
Windows 10 Version 21H2 for ARM64-based SystemsSpoofingCritical5016616CVE-2022-34689
Windows 10 Version 21H2 for 32-bit SystemsSpoofingCritical5016616CVE-2022-34689
Windows 11 for ARM64-based SystemsSpoofingCritical5016629CVE-2022-34689
Windows 11 for x64-based SystemsSpoofingCritical5016629CVE-2022-34689
Windows 10 Version 20H2 for ARM64-based SystemsSpoofingCritical5016616CVE-2022-34689
Windows 10 Version 20H2 for 32-bit SystemsSpoofingCritical5016616CVE-2022-34689
Windows 10 Version 20H2 for x64-based SystemsSpoofingCritical5016616CVE-2022-34689
Windows Server 2022 (Server Core installation)SpoofingCritical5016627CVE-2022-34689
Windows Server 2022SpoofingCritical5016627CVE-2022-34689
Windows 10 Version 21H1 for 32-bit SystemsSpoofingCritical5016616CVE-2022-34689
Windows 10 Version 21H1 for ARM64-based SystemsSpoofingCritical5016616CVE-2022-34689
Windows 10 Version 21H1 for x64-based SystemsSpoofingCritical5016616CVE-2022-34689
Windows Server 2019 (Server Core installation)SpoofingCritical5016623CVE-2022-34689

Quality and experience updates

This month’s Patch Tuesday updates for Windows 11 and Windows 10 bring minor changes to the taskbar. On Windows 11 versions 22H2 and 21H2, the updates bring more dynamic Widgets content to the taskbar: In addition to weather information, users will also see finance and sports updates. 

If you were hoping to see File Explorer tabs arrive on Windows 11 version 22H2 this week, the feature isn’t live yet. It’s already available for Windows Insiders on the Release Preview ring, but it will be available later this month for non-Insiders in an optional preview update. The public rollout will start next month with the November 2022 Patch Tuesday updates, Microsoft explained.

On Windows 11 version 21H2 (the original version of the OS), the build 22000.1098 (KB5018418) fixed an issue that forced users to reinstall apps that didn’t come from the Microsoft Store after an upgrade. There’s also a fix for a rare issue that could lead to a blue screen after changing the display mode when using more than one display. 

Microsoft published the following video highlighting the bug fixes and quality updates for Windows 11 version 21H2 in the build 22000.1098.

For Windows 10 users, the KB5018410 patch for Windows 10 versions 21H2, 21H1, and 20H2 also bring some Taskbar changes. First of all, all taskbar orientations can now display news and interests information. Additionally, it’s now possible to access settings for news and interests on the taskbar by right-clicking it and selecting Taskbar settings

There’s still no word about when Windows 10 version 22H2 will start rolling out to the public though. The update is already available for Windows Insiders on the Release Preview ring, but new features (which are still unknown) have been turned off for now.

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

If you have any problems with this month’s patches, please let us know in the comments below. Other readers might be able to share their experiences in how to roll back problematic updates or mitigate issues caused by patches that are important to have in place.