ISC StormCast for Wednesday, November 9th, 2022
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 9 November 2022
⏱️ 7 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello and welcome to the Wednesday, November 9th, 2020 edition of the Sands and its Storm Center's Stormcast. My name is Johannes Ulrich. And I'm recording from Jacksonville, Florida. |
| 0:14.7 | Well, today, of course, Microsoft's Patch Tuesday, and that's, of course, what we'll spend a good part of this podcast with. We got |
| 0:24.2 | patches for a total of 68 vulnerabilities. 10 of these vulnerabilities are rated as a critical. |
| 0:33.4 | One has previously been disclosed and four are already being exploited, which may sort of |
| 0:41.1 | be a record, not 100% sure, but let's talk a little bit about some of these vulnerabilities, |
| 0:47.1 | and there are some fairly interesting ones here. First of all, Mark of the Web, I mentioned |
| 0:53.1 | this a few times in this podcast. |
| 0:55.8 | Tends to be difficult to really close all the gaps here. The idea is that files are marked |
| 1:04.4 | as they're being downloaded from online resources. One issue apparently here was that |
| 1:10.2 | if a file was right protected, then the |
| 1:12.6 | mark of the web could not be applied to it. We also had, of course, in the past problems with |
| 1:17.8 | archives and such. Not 100% sure how much of this will be addressed here, but one of the vulnerabilities |
| 1:24.1 | already disclosed and already being exploited, the other one neither. |
| 1:29.9 | But the second vulnerability here is also more likely to be exploited according to Microsoft. |
| 1:39.4 | Now, these are only important, of course, because there's no sort of immediate code execution, anything like this, due to this vulnerability. |
| 1:49.4 | We also got then another Windows print spooler elevation of privilege vulnerability already being exploited. |
| 1:57.7 | Looks like a variation of that print nightmare that we had a while ago. Seems like |
| 2:03.1 | almost every month we get another little patch about this here from Microsoft. And then a Windows |
| 2:10.8 | scripting languages, remote code execution vulnerability also already exploited and with a CVS score of 8.8. |
| 2:21.2 | And the last one that's already being exploited is Windows CNG key isolation service |
| 2:26.9 | vulnerability and that is a Burbage escalation vulnerability as an attacker may obtain |
| 2:33.1 | keys from other users. That's already, again, being |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.