Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day


Microsoft Patch Tuesday security updates for August 2022 addressed an actively exploited zero-day remote code execution vulnerability in Windows.

It’s the day of the week again

Microsoft Patch Tuesday security updates for August 2022 addressed 118 CVEs in multiple products, including .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Fax Service, Role: Windows Hyper-V, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Hello, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, Windows Win32K.

17 Vulnerabilities

Seventeen vulnerabilities have been rated as Critical; the remaining ones are rated Important in severity.

Most of the flaws (64) are escalation of privilege issues, followed by remote code execution (31) and information disclosure (12).

The IT giant addressed a remote code execution vulnerability, tracked as CVE-2022-34713, that resides in the Microsoft Windows Support Diagnostic Tool (MSDT). The flaw has been exploited by threat actors in the wild. An attacker can trigger it by tricking victims into opening specially crafted files.

Microsoft states that the issue is a variant of the Dogwalk vulnerability that was disclosed in June.

“This bug also allows code execution when MSDT is called using the URL protocol from a calling application, typically Microsoft Word. There is an element of social engineering to this as a threat actor would need to convince a user to click a link or open a document,” reads the description provided by ZDI. “It’s not clear if this vulnerability is the result of a failed patch or something new.”
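A defender-side check for the behaviour ZDI describes, MSDT being started from a calling application such as Word, shown as an added example that is not from the original article, Microsoft or ZDI. It goes slightly beyond the direct-parent case by walking a few ancestors up the process tree; the Sysmon-style field names, the list of Office processes and the sample events are assumptions constructed for illustration.

```python
import json
import ntpath

# Constructed sample (not real telemetry): process-creation records using
# Sysmon Event ID 1 style field names, one JSON object per line.
SAMPLE_EVENTS = r"""
{"ProcessId": 100, "ParentProcessId": 4, "Image": "C:\\Windows\\explorer.exe"}
{"ProcessId": 200, "ParentProcessId": 100, "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE"}
{"ProcessId": 300, "ParentProcessId": 200, "Image": "C:\\Windows\\System32\\msdt.exe"}
{"ProcessId": 400, "ParentProcessId": 100, "Image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE"}
{"ProcessId": 410, "ParentProcessId": 400, "Image": "C:\\Windows\\System32\\cmd.exe"}
{"ProcessId": 420, "ParentProcessId": 410, "Image": "C:\\Windows\\System32\\msdt.exe"}
{"ProcessId": 500, "ParentProcessId": 100, "Image": "C:\\Windows\\System32\\msdt.exe"}
"""

# Assumed list of calling applications to watch; extend it for your estate.
OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}

def exe_name(image_path):
    """Lower-cased file name of a Windows image path."""
    return ntpath.basename(image_path).lower()

def find_msdt_from_office(lines, max_depth=4):
    """Return alerts for msdt.exe starts that have an Office ancestor."""
    seen = {}      # ProcessId -> event, filled in log order
    alerts = []
    for line in lines:
        if not line.strip():
            continue
        event = json.loads(line)
        seen[event["ProcessId"]] = event
        if exe_name(event["Image"]) != "msdt.exe":
            continue
        chain = ["msdt.exe"]
        parent_pid = event["ParentProcessId"]
        for _ in range(max_depth):          # bounded walk, survives PID loops
            parent = seen.get(parent_pid)
            if parent is None:              # parent started before logging
                break
            chain.append(exe_name(parent["Image"]))
            if chain[-1] in OFFICE_APPS:
                alerts.append({"pid": event["ProcessId"], "chain": " <- ".join(chain)})
                break
            parent_pid = parent["ParentProcessId"]
    return alerts

if __name__ == "__main__":
    for alert in find_msdt_from_office(SAMPLE_EVENTS.splitlines()):
        print(alert)
```

The msdt.exe started directly from explorer.exe (PID 500 in the sample) is not flagged, which keeps ordinary user-initiated troubleshooting out of the alert queue.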

3 Critical flaws

Three of the flaws addressed by Microsoft with the release of the Patch Tuesday security updates for August 2022, tracked as CVE-2022-30133, CVE-2022-35744, and CVE-2022-34691, are rated as critical and received a CVSS score of 9.8.

The first two flaws, CVE-2022-30133 and CVE-2022-35744, are remote code execution issues that affect the Windows Point-to-Point Protocol (PPP). The third one, CVE-2022-34691, is a privilege escalation issue in Active Directory Domain Services.

Below is the full list of vulnerabilities fixed by Microsoft:

| CVE | Title | Severity | CVSS | Public | Exploited | Type |
|---|---|---|---|---|---|---|
| CVE-2022-34713 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important | 7.8 | Yes | Yes | RCE |
| CVE-2022-30134 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.6 | Yes | No | EoP |
| CVE-2022-30133 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2022-34691 | Active Directory Domain Services Elevation of Privilege Vulnerability | Critical | 8.8 | No | No | EoP |
| CVE-2022-33646 | Azure Batch Node Agent Remote Code Execution Vulnerability | Critical | 7 | No | No | RCE |
| CVE-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-24477 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-35752 | RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35753 | RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | RCE |
| CVE-2022-34696 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.8 | No | No | RCE |
| CVE-2022-34702 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-34714 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35766 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35767 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35794 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-34716 | .NET Spoofing Vulnerability | Important | 5.9 | No | No | Spoofing |
| CVE-2022-34685 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 | No | No | Info |
| CVE-2022-34686 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 | No | No | Info |
| CVE-2022-30175 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-30176 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-34687 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability | Important | 6.2 | No | No | DoS |
| CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 8.1 | No | No | EoP |
| CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 | No | No | EoP |
| CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 | No | No | EoP |
| CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability | Important | Unknown | No | No | RCE |
| CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 | No | No | RCE |
| CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | Info |
| CVE-2022-34301 * | CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-34302 * | CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-34303 * | CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35760 | Microsoft ATA Port Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33649 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Important | 9.6 | No | No | SFB |
| CVE-2022-33648 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-33631 | Microsoft Excel Security Feature Bypass Vulnerability | Important | 7.3 | No | No | SFB |
| CVE-2022-34692 | Microsoft Exchange Information Disclosure Vulnerability | Important | 5.3 | No | No | Info |
| CVE-2022-21979 | Microsoft Exchange Information Disclosure Vulnerability | Important | 4.8 | No | No | Info |
| CVE-2022-34717 | Microsoft Office Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35762 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35763 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35764 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35765 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35792 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability | Important | 6.7 | No | No | EoP |
| CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35820 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-30144 | Windows Bluetooth Service Remote Code Execution Vulnerability | Important | 7.5 | No | No | RCE |
| CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-34705 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35771 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34704 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34710 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34712 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34709 | Windows Defender Credential Guard Security Feature Bypass Vulnerability | Important | 6 | No | No | SFB |
| CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35795 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34690 | Windows Fax Service Elevation of Privilege Vulnerability | Important | 7.1 | No | No | EoP |
| CVE-2022-35797 | Windows Hello Security Feature Bypass Vulnerability | Important | 6.1 | No | No | SFB |
| CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35761 | Windows Kernel Elevation of Privilege Vulnerability | Important | 8.4 | No | No | EoP |
| CVE-2022-34707 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35768 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34708 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-30197 | Windows Kernel Security Feature Bypass | Important | 7.8 | No | No | SFB |
| CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important | 6.5 | No | No | DoS |
| CVE-2022-34706 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34715 | Windows Network File System Remote Code Execution Vulnerability | Important | 9.8 | No | No | RCE |
| CVE-2022-33670 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34703 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35769 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important | 5.9 | No | No | DoS |
| CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-35793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-34701 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | Important | 5.3 | No | No | DoS |
| CVE-2022-30194 | Windows WebBrowser Control Remote Code Execution Vulnerability | Important | 7.5 | No | No | RCE |
| CVE-2022-34699 | Windows Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33636 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate | 8.3 | No | No | RCE |
| CVE-2022-35796 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Low | 7.5 | No | No | EoP |
| CVE-2022-2603 * | Chromium: CVE-2022-2603 Use after free in Omnibox | High | N/A | No | No | RCE |
| CVE-2022-2604 * | Chromium: CVE-2022-2604 Use after free in Safe Browsing | High | N/A | No | No | RCE |
| CVE-2022-2605 * | Chromium: CVE-2022-2605 Out of bounds read in Dawn | High | N/A | No | No | RCE |
| CVE-2022-2606 * | Chromium: CVE-2022-2606 Use after free in Managed devices API | High | N/A | No | No | RCE |
| CVE-2022-2610 * | Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch | Medium | N/A | No | No | SFB |
| CVE-2022-2611 * | Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API | Medium | N/A | No | No | N/A |
| CVE-2022-2612 * | Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input | Medium | N/A | No | No | Info |
| CVE-2022-2614 * | Chromium: CVE-2022-2614 Use after free in Sign-In Flow | Medium | N/A | No | No | RCE |
| CVE-2022-2615 * | Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies | Medium | N/A | No | No | SFB |
| CVE-2022-2616 * | Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API | Medium | N/A | No | No | N/A |
| CVE-2022-2617 * | Chromium: CVE-2022-2617 Use after free in Extensions API | Medium | N/A | No | No | RCE |
| CVE-2022-2618 * | Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals | Medium | N/A | No | No | Spoofing |
| CVE-2022-2619 * | Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings | Medium | N/A | No | No | Spoofing |
| CVE-2022-2621 * | Chromium: CVE-2022-2621 Use after free in Extensions | Medium | N/A | No | No | RCE |
| CVE-2022-2622 * | Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing | Medium | N/A | No | No | Spoofing |
| CVE-2022-2623 * | Chromium: CVE-2022-2623 Use after free in Offline | Medium | N/A | No | No | RCE |
| CVE-2022-2624 * | Chromium: CVE-2022-2624 Heap buffer overflow in PDF | Medium | N/A | No | No | RCE |

 

The post Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day appeared first on Security Affairs.