[cifs-protocol] [EXTERNAL] October 2022 Patch Tuesday: Network visible behaviours - TrackingID#2210110040009823

Jeff McCashland (He/him) jeffm at microsoft.com
Wed Oct 12 16:00:47 UTC 2022


[Tom to BCC]

Hi Andrew,

The updates you're inquiring about have been published in an update to [MS-DCOM]. Please review the errata document here:

[MS-WINERRATA]: Distributed Component Object Model (DCOM) Remote Protocol | Microsoft Learn<https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-winerrata/d56b3256-c5ec-486c-8a19-9fc57039d0a8>

Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team

From: Tom Jebo <tomjebo at microsoft.com>
Sent: Tuesday, October 11, 2022 4:32 PM
To: Andrew Bartlett <abartlet at samba.org>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Microsoft Support <supportmail at microsoft.com>
Subject: RE: [EXTERNAL] October 2022 Patch Tuesday: Network visible behaviours - TrackingID#2210110040009823

[dochelp to bcc]
[casemail cc]

Hi Andrew,

Thank you for your request. One of the Open Specifications team will respond to start working with you. I have created a case (2210110040009823) and added the number to the subject of this email. Please refer to this case number in future communications regarding this issue.

Best regards,
Tom Jebo
Sr Escalation Engineer
Microsoft Open Specifications

From: Andrew Bartlett <abartlet at samba.org<mailto:abartlet at samba.org>>
Sent: Tuesday, October 11, 2022 11:26 AM
To: Interoperability Documentation Help <dochelp at microsoft.com<mailto:dochelp at microsoft.com>>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org<mailto:cifs-protocol at lists.samba.org>>
Subject: [EXTERNAL] October 2022 Patch Tuesday: Network visible behaviours


Are there any network-visible behaviour changes in the October 2022 Patch Tuesday, in particular in:


Active Directory Domain Services
CVE-2022-38042<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38042&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=LYAitsVvuZt1Ptbj1h%2BMjWQQJ0vChlcvYByTgnZ7HVc%3D&reserved=0>
Active Directory Domain Services Elevation of Privilege Vulnerability
Important
Windows Active Directory Certificate Services
CVE-2022-37978<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37978&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=yyOrbcYHIxtOrPkqtCeNtlXL1LpeoBqCj5SlXw3H704%3D&reserved=0>
Windows Active Directory Certificate Services Security Feature Bypass
Important
Windows Active Directory Certificate Services
CVE-2022-37976<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37976&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=cX8RQmy%2F%2FY3OQcKOAB4cY3TFyHDcLyMWGHo0Flg7Du8%3D&reserved=0>
Active Directory Certificate Services Elevation of Privilege Vulnerability
Critical
Windows Group Policy
CVE-2022-37975<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37975&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xGZukwkv1mZ3yPcTjy%2FSGs%2BsEJJc9B%2BDc5%2FnWEnh4M0%3D&reserved=0>
Windows Group Policy Elevation of Privilege Vulnerability
Important
Windows Group Policy Preference Client
CVE-2022-37994<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37994&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Y6jUmfBHwkY3ce5M3SXAPMpVct013T3CGt7vwwC5aXY%3D&reserved=0>
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
Important
Windows Group Policy Preference Client
CVE-2022-37993<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37993&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=9aanecsnnXCqxyHPhijyJl4rPs5riMRDvN1R7a%2BIBY0%3D&reserved=0>
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
Important
Windows Group Policy Preference Client
CVE-2022-37999<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37999&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=AxJbUnhDIBIxPWqtCbZxSwFcZFKdrBK1Q0V3%2Fee8rcs%3D&reserved=0>
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
Important
Windows Local Security Authority (LSA)
CVE-2022-38016<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38016&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=jWtJpUbHHSW0bLw5AkvHXXK9md2qVZ8XGT0PWuLX6IQ%3D&reserved=0>
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
Important
Windows Local Security Authority Subsystem Service (LSASS)
CVE-2022-37977<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-37977&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xe7UJPkb48yzVNqoHIX51b0XrFcd0EQ%2B53YKPRXU%2BVE%3D&reserved=0>
Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Important
Windows NTLM
CVE-2022-35770<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-35770&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=1lAre4RvRTdH%2FwBFgrIPPLFrDTj4Oti9eJvA6G5Eia8%3D&reserved=0>
Windows NTLM Spoofing Vulnerability
Important
Windows Secure Channel
CVE-2022-38041<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38041&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=rEOoUwgJHvKOTgnteCNyWSTkm3xPfqkVmlehoTIOcn0%3D&reserved=0>
Windows Secure Channel Denial of Service Vulnerability
Important
Windows Security Support Provider Interface
CVE-2022-38043<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38043&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279127956718%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=MJSOPgzvI9GbNbuZ1ecZjyzUhKxueWoAmrbEBa9VsiQ%3D&reserved=0>
Windows Security Support Provider Interface Information Disclosure Vulnerability
Important
Windows Server Remotely Accessible Registry Keys
CVE-2022-38033<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38033&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279128112506%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=fymVjHnvAicFsnDHzI8LHWgrXYJBZQanfHVbG1kmbio%3D&reserved=0>
Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability
Important
Windows Server Service
CVE-2022-38045<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38045&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279128112506%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=iuaym6M6Ly0%2F6ivBxY%2BcQNhk0a4BN73O%2FTh5Ys1EIPg%3D&reserved=0>
Server Service Remote Protocol Elevation of Privilege Vulnerability
Important
Important
Windows Workstation Service
CVE-2022-38034<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fmicrosoft-patch-tuesday-reports%2FOctober-2022.html%23CVE-2022-38034&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279128112506%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Uam2i7Y192nIbqaNqIafcpLTPXNkfRGFx1wFwOdDFOg%3D&reserved=0>
Windows Workstation Service Elevation of Privilege Vulnerability
Important



Also more broadly, and cheekily open-ended, is there anything else the Samba Team should know about this or other recent security updates?



(If the answer is still security-sensitive, then you can CC security at samba.org<mailto:security at samba.org> instead).



Thanks,



Andrew Bartlett

--
Andrew Bartlett (he/him)       https://samba.org/~abartlet/<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F~abartlet%2F&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279128112506%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=LpfMEjx8XhGk3coKpvF%2FOMUdFCJk76umo50R0%2BHoODk%3D&reserved=0>
Samba Team Member (since 2001) https://samba.org<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsamba.org%2F&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279128112506%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=lAsz%2F4tab4t4DhyuWWpS4Hr17%2Ba7U%2BwKbSrSYQxsoX0%3D&reserved=0>
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcatalyst.net.nz%2Fservices%2Fsamba&data=05%7C01%7Cjeffm%40microsoft.com%7C3e20acaa6ff54376bb7108daabe0c4df%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638011279128112506%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=w00JC5u9ONV9lQp1TvMqAkziZXormYMC3Mtvt9uTg%2FE%3D&reserved=0>

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20221012/e8743ffb/attachment.htm>


More information about the cifs-protocol mailing list