Microsoft’s September 2022 Patch Tuesday Updates Fix 64 Windows Vulnerabilities

Windows 11

Microsoft has released yesterday the September 2022 Patch Tuesday updates for Windows 11 and Windows 10. This month, the company fixed 64 security vulnerabilities, with six of them being rated critical.

On the new features front, Microsoft Defender for Endpoint is getting a boost on Windows 11 and Windows 10, and there are also other improvements related to language support and SMB compression. Let’s dive into the details below!

64 vulnerabilities were fixed in the September 2022 Patch Tuesday updates

Microsoft fixed a total of 64 vulnerabilities in Windows 11 and Windows 10 with this month’s Patch Tuesday updates. Six of them are rated critical, but there are also two non-critical vulnerabilities that are already being exploited in the wild. 

Here are the most important fixed vulnerabilities you should be aware of in this month’s Patch Tuesday updates: 

  • CVE-2022-37969: This Windows Common Log File System Driver Elevation of Privilege Vulnerability has been publicly disclosed and is already being exploited. However, attackers must already have access and the ability to run code on the target system to gain System privileges.
  • CVE-2022-23960: This is a cache speculation vulnerability affecting ARM CPUs. This is another variant of the Spectre processor vulnerability that was discovered a couple of years ago.
  • CVE-2022-3075: This is a Chromium vulnerability caused by insufficient data validation in Mojo, a collection of runtime libraries used by Chrome and other Chromium-based browsers. This vulnerability is already being exploited in the wild, though the latest versions of Microsoft Edge and Chrome are no longer vulnerable.
  • CVE-2022-34718: This Windows TCP/IP Remote Code Execution vulnerability could allow an unauthenticated attacker to leverage the IPsec service to execute code remotely. It’s possible to mitigate this vulnerability by disabling the IPSec service and IPv6.
  • CVE-2022-34700: This Microsoft Dynamics CRM (on-premises) Remote Code Execution vulnerability can allow authenticated attackers to run a specially crafted trusted solution package to execute arbitrary SQL commands.

Table 1 – September 2022 Patch Tuesday vulnerabilities

ProductImpactMax SeverityArticleDetails
Windows Server 2019 (Server Core installation)Elevation of PrivilegeImportant5016623CVE-2022-35771
Windows Server 2019Elevation of PrivilegeImportant5016623CVE-2022-35771
Windows 10 Version 1809 for ARM64-based SystemsElevation of PrivilegeImportant5016623CVE-2022-35771
Windows 10 Version 1809 for x64-based SystemsElevation of PrivilegeImportant5016623CVE-2022-35771
Windows 10 Version 1809 for 32-bit SystemsElevation of PrivilegeImportant5016623CVE-2022-35771
Windows Server 2016 (Server Core installation)Elevation of PrivilegeImportant5016622CVE-2022-35768
Windows Server 2016Elevation of PrivilegeImportant5016622CVE-2022-35768
Windows 10 Version 1607 for x64-based SystemsElevation of PrivilegeImportant5016622CVE-2022-35768
Windows 10 Version 1607 for 32-bit SystemsElevation of PrivilegeImportant5016622CVE-2022-35768
Windows 10 for x64-based SystemsElevation of PrivilegeImportant5016639CVE-2022-35768
Windows 10 for 32-bit SystemsElevation of PrivilegeImportant5016639CVE-2022-35768
Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5016616CVE-2022-35768
Windows 10 Version 21H2 for ARM64-based SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 10 Version 21H2 for 32-bit SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 11 for ARM64-based SystemsRemote Code ExecutionCritical5016629CVE-2022-35766
Windows 11 for x64-based SystemsRemote Code ExecutionCritical5016629CVE-2022-35766
Windows Server, version 20H2 (Server Core Installation)Remote Code ExecutionCritical5016616CVE-2022-35766
Windows 10 Version 20H2 for ARM64-based SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 10 Version 20H2 for 32-bit SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 10 Version 20H2 for x64-based SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows Server 2022 (Server Core installation)Remote Code ExecutionCritical5016627CVE-2022-35766
Windows Server 2022Remote Code ExecutionCritical5016627CVE-2022-35766
Windows 10 Version 21H1 for 32-bit SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 10 Version 21H1 for ARM64-based SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 10 Version 21H1 for x64-based SystemsRemote Code ExecutionCritical5016616CVE-2022-35766
Windows 8.1 for 32-bit systemsElevation of PrivilegeImportant5016681CVE-2022-35760
Windows 8.1 for 32-bit systemsElevation of PrivilegeImportant5016683CVE-2022-35760
Windows 8.1 for x64-based systemsElevation of PrivilegeImportant5016681CVE-2022-35754
Windows 8.1 for x64-based systemsElevation of PrivilegeImportant5016683CVE-2022-35754
Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5016681CVE-2022-35795
Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5016683CVE-2022-35795
Windows RT 8.1Elevation of PrivilegeImportant5016618CVE-2022-35768
Windows Server 2012 R2Elevation of PrivilegeImportant5016681CVE-2022-35795
Windows Server 2012 R2Elevation of PrivilegeImportant5016683CVE-2022-35795
Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5016672CVE-2022-35795
Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5016684CVE-2022-35795
Windows Server 2012Elevation of PrivilegeImportant5016672CVE-2022-35795
Windows Server 2012Elevation of PrivilegeImportant5016684CVE-2022-35795
Windows 10 Version 21H1 for x64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34303
Windows Server 2012 R2 (Server Core installation)Security Feature BypassImportant5012170CVE-2022-34302
Windows Server 2012 R2Security Feature BypassImportant5012170CVE-2022-34302
Windows Server 2012 (Server Core installation)Security Feature BypassImportant5012170CVE-2022-34302
Windows Server 2012Security Feature BypassImportant5012170CVE-2022-34302
Windows RT 8.1Security Feature BypassImportant5012170CVE-2022-34302
Windows 8.1 for x64-based systemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 8.1 for 32-bit systemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows Server 2016 (Server Core installation)Security Feature BypassImportant5012170CVE-2022-34302
Windows Server 2016Security Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 1607 for x64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 1607 for 32-bit SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 for x64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 for 32-bit SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 21H2 for x64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 21H2 for ARM64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 21H2 for 32-bit SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 20H2 for ARM64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 20H2 for 32-bit SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 20H2 for x64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 21H1 for 32-bit SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 21H1 for ARM64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows Server 2019 (Server Core installation)Security Feature BypassImportant5012170CVE-2022-34302
Windows Server 2019Security Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 1809 for ARM64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 1809 for x64-based SystemsSecurity Feature BypassImportant5012170CVE-2022-34302
Windows 10 Version 1809 for 32-bit SystemsSecurity Feature BypassImportant5012170CVE-2022-34302

Quality and experience updates

This month’s Patch Tuesday updates for Windows 11 and Windows 10 also include some quality and experience updates. Firstly, IT admins can now remotely add languages and language-related features to the OS. Microsoft has also improved Microsoft Defender for Endpoint’s ability to identify and intercept ransomware and advanced attacks. 

On Windows 11, the Server Message Block Compression feature has also been improved to compress a file regardless of its size. Microsoft also fixed an issue that might cause your printer to malfunction after you restart it or reinstall it.

Lastly, Microsoft is aware of an issue causing the time shown in Windows and apps to be incorrect for users in Chile. This is due to an unexpected daylight saving time (DST) time zone change in the country, and Microsoft will address this issue in an upcoming update for Windows 11 and Windows 10. In the meantime, affected users can mitigate this issue by disabling automatic DST adjustments in Settings. 

Windows 11 approved hero 1

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

If you have any problems with this month’s patches, please let us know in the comments below. Other readers might be able to share their experiences in how to roll back problematic updates or mitigate issues caused by patches that are important to have in place.