{"id":40697,"date":"2022-12-14T13:28:14","date_gmt":"2022-12-14T13:28:14","guid":{"rendered":"https:\/\/www.n-able.com\/?p=40697"},"modified":"2023-03-21T14:05:39","modified_gmt":"2023-03-21T14:05:39","slug":"patch-tuesday-december-2022","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022","title":{"rendered":"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation"},"content":{"rendered":"

To close out the year, Patch Tuesday brings us the gift of fixes for two zero-day vulnerabilities and a collection of critical vulnerabilities. These vulnerabilities are lacking the \u201chair on fire\u201d responses from the community that vulnerabilities from earlier in the year generated, like ProxyNotShell<\/span><\/a> and a wormable<\/span><\/a> HTTP.sys flaw. However, as always, they should be addressed in a timely manner through a proper patching regime\u2014even if they lack the dire warnings that accompanied previous named vulnerabilities this year.<\/span><\/p>\n

This month also marks End of Servicing for Windows 10 21H1<\/span><\/a>. Microsoft<\/span> has been warning of the impending EOS<\/a> for a few months. Most patching solutions should be able to handle the update to 22H1 or 22H2 without it being a major time investment. January though brings end of support for Windows 8.1<\/span><\/a>, which will be slightly more challenging to address. If you haven\u2019t started already, now is the time to audit your environments for Windows 8.1 systems and plan for their upgrade, replacement, or decommissioning. <\/span><\/p>\n

Microsoft vulnerabilities <\/span><\/h2>\n

There were only 49 total vulnerabilities addressed as part of Microsoft\u2019s December Patch Tuesday, about half of what we\u2019ve seen in previous months. Of these, six are rated as Critical with the two zero-day vulnerabilities that were addressed labeled as Moderate and Important. Even though labeling a vulnerability as a zero-day makes it sound so much worse than other vulnerabilities, don\u2019t let that label distract you from other vulnerabilities that carry higher severity ratings or are under active exploitation. <\/span><\/p>\n

CVE-2022-44698<\/a><\/span> is the notable vulnerability of the month. This zero-day allows for specially crafted files to be downloaded to a device without the Mark of the Web flag on the file. This flag is what lets the Window OS, applications, and end-users know the file originated from the web and shouldn\u2019t be trusted by default. Even though it\u2019s carrying only a CVSS 5.4 the fact it us under active exploitation by threat actors in ransomware attacks<\/span><\/a> should put it right on top of your to-do list.<\/span><\/p>\n

The second zero-day of the month is CVE-2022-44710<\/span><\/a>. This is an elevation of privilege vulnerability affecting DirectX that allows an attacker to gain SYSTEM privileges. There is no proof of concept exploiting this vulnerability publicly available yet, as such it only carries an Important severity rating and is marked as Exploitation Less Likely. So even though it carries the zero-day label, it sounds a lot less threatening than CVE-2022-44698, highlighting why understanding key metrics about vulnerabilities is an important part of proper risk evaluation and prioritization.<\/span><\/p>\n

CVE-2022-37967<\/a><\/span> is an elevation of privilege vulnerability affecting Windows Kerberos that received an initial Phase 1 fix during November\u2019s Patch Tuesday, but requires additional mitigations as advised by Microsoft to address the security issue caused by CVE-2022-37967. If you are managing a Window\u2019s Domain then this KB<\/span><\/a> with instructions is essential reading as there are manual mitigations that must be made this month in addition to applying updates. <\/span><\/p>\n

Microsoft Patch Tuesday Vulnerability Prioritization<\/span><\/h2>\n

As always, prioritizing which vulnerabilities to address first is part following established best practices and a little bit of gut instinct. Critical severity, exploitation more likely and exploitation detected vulnerabilities as always should be ranking fairly high on your priority list. If you only patch based on severity you are leaving a lot of unnecessary risk exposure lying around.<\/span><\/p>\n

Table Key:\u00a0<\/span><\/strong>Severity: <\/span>C = Critical, I = Important, M = Moderate; <\/span>Status: EML = Exploitation More Likely, ELL = Exploitation Less Likely, ED = Exploitation Detected<\/span><\/em><\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
\n

CVE<\/b><\/span><\/p>\n<\/td>\n

\n

Description<\/b><\/span><\/p>\n<\/td>\n

\n

Severity<\/b><\/span><\/p>\n<\/td>\n

\n

Status<\/b><\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44698<\/a><\/span><\/p>\n<\/td>\n

\n

Windows SmartScreen Security Feature Bypass Vulnerability<\/span><\/p>\n<\/td>\n

\n

M<\/span><\/p>\n<\/td>\n

\n

ED<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44704<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft Windows Sysmon Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44683<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Kernel Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44675<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Bluetooth Driver Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44673<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44671<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-41121<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Graphics Component Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-41079<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft Exchange Server Spoofing Vulnerability<\/span><\/p>\n<\/td>\n

\n

I<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-41076<\/a><\/span><\/p>\n<\/td>\n

\n

PowerShell Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-37967<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Kerberos Elevation of Privilege Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

EML<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-41127<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44690<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft SharePoint Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44693<\/a><\/span><\/p>\n<\/td>\n

\n

Microsoft SharePoint Server Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44670<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n

\n

CVE-2022-44676<\/a><\/span><\/p>\n<\/td>\n

\n

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability<\/span><\/p>\n<\/td>\n

\n

C<\/span><\/p>\n<\/td>\n

\n

ELL<\/span><\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Other vendors<\/span><\/h2>\n

Fortinet announced CVE-2022-42475<\/span><\/a>, which affects FortiOS SLL-VPN. Upgrading to the newest FortiOS should address this vulnerability. Citrix also released a security update<\/span><\/a> to address CVE-2022-27518 affecting Citrix ADC and Citrix Gateways. It\u2019s just as important\u2014some say more important\u2014to keep apprised of security bulletins and new firmware from network appliance vendors as it is to keep up to date with endpoints. So, if you\u2019re not subscribed to alerts from your network appliance vendors it would make for a good New Year\u2019s resolution. <\/span><\/p>\n

Summary<\/span><\/h2>\n

As always make sure you have established patching processes for evaluation, testing, and pushing into production. If you have traditionally only dealt with patches by applying them based on their severity, consider including prioritization of patches for Zero-Days, Exploitation Detected and Exploitation More Likely vulnerabilities in your Patch Management<\/span><\/a> routines. <\/span>\u00a0<\/span><\/p>\n

Looking for more blogs on patching, or looking for previous Microsoft Patch Tuesday Review, then check out this section of our blog<\/span><\/a>.<\/span><\/strong><\/p>\n

\u00a0<\/i><\/span><\/p>\n

Lewis Pope is the Head Security Nerd at N‑able. You can follow him on Twitter:\u00a0<\/i>@cybersec_nerd<\/i><\/span><\/a><\/span><\/p>\n

LinkedIn:\u00a0<\/i>thesecuritypope<\/i><\/span><\/a><\/span><\/p>\n

Twitch:\u00a0<\/i>cybersec_nerd<\/i><\/span><\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Lewis Pope looks at the patches you should be prioritizing!<\/p>\n","protected":false},"author":62,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-40697","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"\nPatch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation - N-able<\/title>\n<meta name=\"description\" content=\"Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Find out what patches you should be prioritizing!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation - N-able\" \/>\n<meta property=\"og:description\" content=\"Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Find out what patches you should be prioritizing!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-14T13:28:14+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-21T14:05:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2501\" \/>\n\t<meta property=\"og:image:height\" content=\"1309\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Lewis Pope\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lewis Pope\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\"},\"author\":{\"name\":\"Lewis Pope\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\"},\"headline\":\"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation\",\"datePublished\":\"2022-12-14T13:28:14+00:00\",\"dateModified\":\"2023-03-21T14:05:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\"},\"wordCount\":959,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"pt-BR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\",\"url\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\",\"name\":\"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\"},\"datePublished\":\"2022-12-14T13:28:14+00:00\",\"dateModified\":\"2023-03-21T14:05:39+00:00\",\"description\":\"Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Find out what patches you should be prioritizing!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Head Nerds\",\"item\":\"https:\/\/www.n-able.com\/pt-br\/blog\/category\/head-nerds-pt-br\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#website\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/pt-br?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/pt-br\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae\",\"name\":\"Lewis Pope\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g\",\"caption\":\"Lewis Pope\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation - N-able","description":"Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Find out what patches you should be prioritizing!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022","og_locale":"pt_BR","og_type":"article","og_title":"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation - N-able","og_description":"Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Find out what patches you should be prioritizing!","og_url":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2022-12-14T13:28:14+00:00","article_modified_time":"2023-03-21T14:05:39+00:00","og_image":[{"width":2501,"height":1309,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png","type":"image\/png"}],"author":"Lewis Pope","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.n-able.com\/wp-content\/uploads\/2022\/08\/220809_blogbanner_PatchTuesday_ss-02.png","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Lewis Pope","Est. tempo de leitura":"5 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022"},"author":{"name":"Lewis Pope","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae"},"headline":"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation","datePublished":"2022-12-14T13:28:14+00:00","dateModified":"2023-03-21T14:05:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022"},"wordCount":959,"publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"pt-BR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022","url":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022","name":"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/pt-br#website"},"datePublished":"2022-12-14T13:28:14+00:00","dateModified":"2023-03-21T14:05:39+00:00","description":"Microsoft rounds up 2022 by addressing fewer vulnerabilities than in previous months. Find out what patches you should be prioritizing!","breadcrumb":{"@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/pt-br\/blog\/patch-tuesday-december-2022#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Head Nerds","item":"https:\/\/www.n-able.com\/pt-br\/blog\/category\/head-nerds-pt-br"},{"@type":"ListItem","position":2,"name":"Patch Tuesday December 2022: Mark of the Web zero-day fixed, and guidance on CVE-2022-37967 manual mitigation"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/pt-br#website","url":"https:\/\/www.n-able.com\/pt-br","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/pt-br#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/pt-br?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/pt-br#organization","name":"N-able","url":"https:\/\/www.n-able.com\/pt-br","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/pt-br#\/schema\/person\/32c214c92846fdd7b16459b9236c12ae","name":"Lewis Pope","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f61d746b384dec3b7d702cd5a5e62b2d6a9722dd83df5ae50505361c3a3eadb1?s=96&d=mm&r=g","caption":"Lewis Pope"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/40697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/users\/62"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/comments?post=40697"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/posts\/40697\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/pt-br\/wp-json\/wp\/v2\/media?parent=40697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}