
December Threat Advisory – Top 5

by Eleanor Barlow • Dec 2022

SecurityHQ’s Monthly Threat Report, Drawn from Recent Advisories of December 2022.

VMware Fixed Multiple Vulnerabilities Including Critical Vulnerabilities Affecting VMware Products

Threat Reference: Global

Risks: Patches/Updates

Advisory Type: Privilege Escalation, Command Injection

Priority: Standard

VMware has released security updates to address multiple vulnerabilities in VMware products, including critical vulnerabilities that allow an attacker to execute commands without authentication.

Affected Products:

  • VMware vRealize Network Insight (vRNI)
  • VMware ESXi
  • VMware Workstation Pro / Player (Workstation)
  • VMware Fusion Pro / Fusion (Fusion)
  • VMware Cloud Foundation

Recommendation:

It is recommended to update all the affected products to their latest available patch version.

Fortinet Released Patch to Fix Critical Vulnerability

Threat Reference: Global

Risks: Arbitrary Code Execution

Advisory Type: Updates/Patches

Priority: Standard

Fortinet has released a patch to fix a critical severity vulnerability in multiple products. Successful exploitation can result in arbitrary code execution.

Affected products include the following:

  • FortiOS version 7.2.0 through to 7.2.2
  • FortiOS version 7.0.0 through to 7.0.8
  • FortiOS version 6.4.0 through to 6.4.10
  • FortiOS version 6.2.0 through to 6.2.11
  • FortiOS-6K7K version 7.0.0 through to 7.0.7
  • FortiOS-6K7K version 6.4.0 through to 6.4.9
  • FortiOS-6K7K version 6.2.0 through to 6.2.11
  • FortiOS-6K7K version 6.0.0 through to 6.0.14

Recommendation:

It is recommended to update all the affected products to their latest available patch version.

Google Fixed Multiple High & Medium Severity Vulnerabilities in Chrome

Threat Reference: Global

Risks: Arbitrary Code Execution

Advisory Type: Updates/Patches

Priority: Standard

Google has released Chrome version 108.0.5359.71 for Mac and Linux and 108.0.5359.71/72 for Windows to fix multiple high and medium severity vulnerabilities.

Recommendation:

It is recommended to update Google Chrome to the latest fixed version.

Microsoft Released December Patch Tuesday for 49 Flaws, Including 2 Zero-days

Threat Reference: Global

Risks: Updates/Patches

Advisory Type: Privilege elevation, Remote Code Execution, Security Feature Bypass

Priority: Standard

Microsoft has released its December 2022 Patch Tuesday updates to fix 49 vulnerabilities, including 6 Critical severity vulnerabilities. Successful exploitation of these vulnerabilities could result in Privilege Elevation, Security Feature Bypass, Remote Code Execution, or Information Disclosure.

Affected products include the following:

  • .NET Framework
  • Azure
  • Client Server Run-time Subsystem (CSRSS)
  • Microsoft Bluetooth Driver
  • Microsoft Dynamics
  • Microsoft Edge (Chromium-based)
  • Microsoft Graphics Component
  • Microsoft Office
  • Microsoft Office OneNote
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft Windows Codecs Library
  • Role: Windows Hyper-V
  • SysInternals
  • Windows Certificates
  • Windows Contacts
  • Windows DirectX
  • Windows Error Reporting
  • Windows Fax Compose Form
  • Windows HTTP Print Provider
  • Windows Kernel
  • Windows PowerShell
  • Windows Print Spooler Components
  • Windows Projected File System
  • Windows Secure Socket Tunnelling Protocol (SSTP)
  • Windows SmartScreen
  • Windows Subsystem for Linux
  • Windows Terminal

Recommendations:

  • Keep applications and operating systems running at the current released patch level.
  • Run software with the least privileges.

Mozilla Fixed Multiple High and Moderate Severity Vulnerabilities in Firefox 108, ESR 102.6 and Thunderbird 102.6

Threat Reference: Global

Risks: Patches/Updates

Advisory Type: Memory Corruption, Sensitive Information Disclosure

Priority: Standard

Mozilla has released security updates for Firefox, ESR and Thunderbird.

Affected products:

  • Firefox 107
  • Firefox ESR 102.5
  • Thunderbird 102.5

Recommendation:

It is recommended to update all the affected products to their latest available patch version.
