{"id":11031,"date":"2022-09-16T13:55:39","date_gmt":"2022-09-16T10:55:39","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=11031"},"modified":"2022-09-16T13:55:39","modified_gmt":"2022-09-16T10:55:39","slug":"microsoft-patch-tuesday-september-2022","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/microsoft-patch-tuesday-september-2022\/11031\/","title":{"rendered":"Microsoft releases patches for 64 vulnerabilities"},"content":{"rendered":"<p>Microsoft vulnerability hunters have landed a new catch: 64 vulnerabilities across its various products and services, five of them critical. Two of the vulnerabilities were publicly disclosed before the patch was released (which technically makes them zero-days), and one is being actively exploited by attackers. As always, we recommend installing the updates without delay. In the meantime, we will briefly cover the vulnerabilities that deserve special attention.<\/p>\n<h2>CVE-2022-37969, actively exploited by attackers<\/h2>\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-37969\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-37969<\/a> is a zero-day vulnerability in the Common Log File System driver. It is not the most dangerous bug patched in the latest update (its CVSS score is only 7.8), because attackers must somehow gain access to the victim's computer in order to exploit it. 
That said, if exploitation succeeds, the attacker's privileges are elevated to SYSTEM. According to Microsoft, some attackers are already exploiting this vulnerability, so the patch should be applied as soon as possible.<\/p>\n<h2>Critical vulnerabilities<\/h2>\n<p>All five of the newly fixed critical vulnerabilities belong to the <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/remote-code-execution-rce\/\" target=\"_blank\" rel=\"noopener\">remote code execution (RCE) class<\/a>. That is, they can be used to run arbitrary code on victims' computers.<\/p>\n<ul>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34718\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-34718<\/a> \u2014 a bug in Windows TCP\/IP with a CVSS score of 9.8. An unauthorized attacker can use it to execute arbitrary code on a targeted Windows computer that has the IPSec service enabled by sending it a specially crafted IPv6 packet.<\/li>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34721\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-34721<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34722\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-34722<\/a> \u2014 vulnerabilities in the Internet Key Exchange protocol that allow an attacker to execute malicious code by sending an IP packet to a vulnerable machine. Both have a CVSS score of 9.8. 
Although these vulnerabilities affect only the IKEv1 version of the protocol, Microsoft points out that all Windows Server systems are affected, because they accept both v1 and v2 packets.<\/li>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-34700\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-34700<\/a> and <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-35805\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-35805<\/a> \u2014 a pair of vulnerabilities in the Microsoft Dynamics customer relationship management (CRM) software. Exploiting them allows an authenticated user to execute arbitrary SQL commands. The attacker can then escalate privileges and execute commands in the Dynamics 365 database with db_owner rights. Because the attacker still has to authenticate, the CVSS scores of these vulnerabilities are slightly lower (8.8), but they are still considered critical.<\/li>\n<\/ul>\n<h2>A vulnerability in ARM processors \u2014 CVE-2022-23960<\/h2>\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-23960\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2022-23960<\/a> is the second vulnerability that was disclosed before the patch. 
In theory, that means attackers could have exploited it before the patch was released, but that does not appear to be the case. In fact, CVE-2022-23960 is yet another variant of the <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/spectre-meltdown-in-practice\/10485\/\" target=\"_blank\" rel=\"noopener\">Spectre<\/a> vulnerability, which interferes with a processor's speculative instruction execution mechanism. In other words, the likelihood of it being used in real attacks is extremely low, so the danger remains largely theoretical. In addition, the vulnerability applies only to Windows 11 on ARM64-based systems, which makes exploitation even less likely.<\/p>\n<h2>Other vulnerabilities<\/h2>\n<p>The September Patch Tuesday update contains surprisingly few non-dangerous vulnerabilities: only one is rated low severity and one is rated medium. The remaining 57, while not as dangerous as the five critical vulnerabilities mentioned above, are still in the \u201cimportant\u201d category. 
So, as we recommended at the beginning of this post, it is best to update without delay.<\/p>\n<h2>How to stay protected<\/h2>\n<p>First of all, you need to fix the <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/september-13-2022-kb5017328-os-build-22000-978-40843fca-a0be-4a60-b68b-6cb23a73a5aa\" target=\"_blank\" rel=\"noopener nofollow\">vulnerabilities for which patches have already been released<\/a>. In addition, we recommend protecting all internet-connected computers and servers with <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">security solutions<\/a> equipped with vulnerability detection and exploit prevention technologies. This will help protect your company against both known and as-yet-unknown vulnerabilities.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Time to update! 
Microsoft has released patches for 64 vulnerabilities in a variety of products and components, from Windows and Office to Defender and Azure.<\/p>\n","protected":false},"author":2706,"featured_media":11033,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727,1351],"tags":[2517,790,38,1912,113],"class_list":{"0":"post-11031","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"category-threats","11":"tag-0days","12":"tag-guvenlik-aciklari","13":"tag-microsoft","14":"tag-office","15":"tag-windows"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/microsoft-patch-tuesday-september-2022\/11031\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/microsoft-patch-tuesday-september-2022\/24585\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/microsoft-patch-tuesday-september-2022\/20051\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/microsoft-patch-tuesday-september-2022\/27042\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/microsoft-patch-tuesday-september-2022\/24942\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/microsoft-patch-tuesday-september-2022\/25288\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/microsoft-patch-tuesday-september-2022\/27622\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/microsoft-patch-tuesday-september-2022\/27203\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/microsoft-patch-tuesday-september-2022\/33988\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/microsoft-patch-tuesday-september-2022\/45501\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/microsoft-patch-tu
esday-september-2022\/19427\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/microsoft-patch-tuesday-september-2022\/20018\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/microsoft-patch-tuesday-september-2022\/29252\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/microsoft-patch-tuesday-september-2022\/28468\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/microsoft-patch-tuesday-september-2022\/25458\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/microsoft-patch-tuesday-september-2022\/30992\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/microsoft-patch-tuesday-september-2022\/30687\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"g\u00fcvenlik a\u00e7\u0131klar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11031","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=11031"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11031\/revisions"}],"predecessor-version":[{"id":11032,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/11031\/revisions\/11032"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/11033"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=11031"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=11031"},{"taxonom
y":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=11031"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}