You are currently viewing Microsoft August 2022 Patch Tuesday Addresses 121 Security Flaws Including Two Zero-day Vulnerabilities!

Microsoft August 2022 Patch Tuesday Addresses 121 Security Flaws Including Two Zero-day Vulnerabilities!

Microsoft fixes 121 vulnerabilities, including 17 ‘critical’ and the rest ‘important’ in its August 2022 Patch Tuesday update. Compared to last month’s patch Tuesday, critical vulnerabilities are increased by 325%. The most critical vulnerabilities are remote code execution and the rest are elevation of privilege.

This month, two Zero-day flaws have been fixed. Both vulnerabilities are important with remote code execution in MSDT (CVE-2022-34713) and  Information Disclosure in Microsoft Exchange (CVE-2022-30134). The remote code execution vulnerability is being actively exploited, whereas the other is not detected as such. Both vulnerabilities are publicly disclosed, as stated by Microsoft.


Zero-day Vulnerabilities

Patch Tuesday August 2022 fixed critical zero-day vulnerabilities like:

CVE-2022-34713Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. An attacker must convince a target to open a booby-trapped file, such as an Office document. This CVE is a variant of the vulnerability publicly known as Dogwalk.

CVE-2022-30134Microsoft Exchange Information Disclosure Vulnerability. A user of an affected version of Exchange Server must access a malicious server to exploit this vulnerability. An attacker needs to host a server share or website that has been specially crafted to exploit this vulnerability. The successfully exploitation of the vulnerability could allow attackers to read targeted email messages.


Active Exploits

CVE-2022-34713Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. This CVE is a variant of the vulnerability publicly known as Dogwalk. This is actively exploited as stated by Microsoft.


Critical Vulnerabilities

Patch Tuesday August 2022 also fixed a number of critical vulnerabilities as well.

CVE-2022-35794Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine.

CVE-2022-30133 and CVE-2022-35744Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability. This vulnerability can only be exploited by communicating via Port 1723. As a temporary workaround prior to installing the updates that address this vulnerability, you can block traffic through that port thus rendering the vulnerability unexploitable.

CVE-2022-34691Active Directory Domain Services Elevation of Privilege Vulnerability. This vulnerability can only be exploited by communicating via Port 1723. As a temporary workaround, An authenticated user could manipulate attributes on computer accounts they own or manage and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to the System.

CVE-2022-33646Azure Batch Node Agent Elevation of Privilege Vulnerability. A successful attack will lead to elevation to SYSTEM privileges

Other Critical Vulnerabilities :

Tag CVE ID CVE Title Severity
Microsoft Exchange Server CVE-2022-21980 Microsoft Exchange Server Elevation of Privilege Vulnerability Critical
Microsoft Exchange Server CVE-2022-24477 Microsoft Exchange Server Elevation of Privilege Vulnerability Critical
Microsoft Exchange Server CVE-2022-24516 Microsoft Exchange Server Elevation of Privilege Vulnerability Critical
Role: Windows Hyper-V CVE-2022-34696 Windows Hyper-V Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-34702 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-34714 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-35745 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Remote Access Service Point-to-Point Tunneling Protocol CVE-2022-35752 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Remote Access Service Point-to-Point Tunneling Protocol CVE-2022-35753 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-35766 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Secure Socket Tunneling Protocol (SSTP) CVE-2022-35767 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability Critical
Windows Kernel CVE-2022-35804 SMB Client and Server Remote Code Execution Vulnerability Critical

Microsoft security bulletin summary for August 2022

  • Azure Batch Node Agent
  • Azure Real-Time Operating System
  • Azure Site Recovery
  • Azure Sphere
  • Microsoft Bluetooth Driver
  • Microsoft Exchange Server
  • Microsoft Office
  • Microsoft Windows Support Diagnostic Tool (MSDT)
  • Remote Access Service Point-to-Point Tunneling Protocol
  • System Center Operations Manager
  • Visual Studio
  • Windows Bluetooth Service
  • Windows Canonical Display Driver
  • Windows Cloud Files Mini Filter Driver
  • Windows Defender Credential Guard
  • Windows Digital Media
  • Windows Error Reporting
  • Windows Hello
  • Windows Internet Information Services
  • Windows Kerberos
  • Windows Kernel
  • Windows Local Security Authority (LSA)
  • Windows Network File System
  • Windows Partition Management Driver
  • Windows Point-to-Point Tunneling Protocol
  • Windows Print Spooler Components
  • Windows Secure Boot
  • Windows Secure Socket Tunneling Protocol (SSTP)
  • Windows Storage Spaces Direct
  • Windows Unified Write Filter
  • Windows WebBrowser Control
  • Windows Win32K

Product: Microsoft Windows.
CVEs/Advisory: CVE-2022-35771, CVE-2022-35768, CVE-2022-35794, CVE-2022-35766, CVE-2022-35792, CVE-2022-35765, CVE-2022-35764, CVE-2022-35760, CVE-2022-35754, CVE-2022-35795, CVE-2022-35797, CVE-2022-35763, CVE-2022-35820, CVE-2022-35804, CVE-2022-34703, CVE-2022-33670, CVE-2022-35793, CVE-2022-35767, CVE-2022-35769, CVE-2022-35757, CVE-2022-34303, CVE-2022-35762, CVE-2022-35761, CVE-2022-35759, CVE-2022-35758, CVE-2022-35756, CVE-2022-35755, CVE-2022-35753, CVE-2022-35752, CVE-2022-35751, CVE-2022-35750, CVE-2022-35749, CVE-2022-35748, CVE-2022-35747, CVE-2022-35746, CVE-2022-35745, CVE-2022-35744, CVE-2022-35743, CVE-2022-34715, CVE-2022-34714, CVE-2022-34713, CVE-2022-34712, CVE-2022-34710, CVE-2022-34709, CVE-2022-34708, CVE-2022-34707, CVE-2022-34706, CVE-2022-34705, CVE-2022-34704, CVE-2022-34702, CVE-2022-34701, CVE-2022-34699, CVE-2022-34696, CVE-2022-34691, CVE-2022-34690, CVE-2022-34302, CVE-2022-30194, CVE-2022-30144, CVE-2022-30133, CVE-2022-30197, CVE-2022-34301
Impact: Impact, Elevation of Privilege, Remote Code Execution, Security Feature Bypass, Denial of Service, Information Disclosure
KB’s: 5016623, 5016622, 5016639, 5016616, 5016629, 5016627, 5016681, 5016683, 5016618, 5016676, 5016679, 5012170, 5016672, 5016684, 5016669, 5016686

Product: Microsoft Azure
CVE/Advisory: CVE-2022-30175, CVE-2022-30176, CVE-2022-33646, CVE-2022-34685, CVE-2022-34686, CVE-2022-34687, CVE-2022-35772, CVE-2022-35773, CVE-2022-35774, CVE-2022-35775, CVE-2022-35776, CVE-2022-35779, CVE-2022-35780, CVE-2022-35781, CVE-2022-35782, CVE-2022-35783, CVE-2022-35784, CVE-2022-35785, CVE-2022-35786, CVE-2022-35787, CVE-2022-35788, CVE-2022-35789, CVE-2022-35790, CVE-2022-35791, CVE-2022-35799, CVE-2022-35800, CVE-2022-35801, CVE-2022-35802, CVE-2022-35806, CVE-2022-35807, CVE-2022-35808, CVE-2022-35809, CVE-2022-35810, CVE-2022-35811, CVE-2022-35812, CVE-2022-35813, CVE-2022-35814, CVE-2022-35815, CVE-2022-35816, CVE-2022-35817, CVE-2022-35818, CVE-2022-35819, CVE-2022-35821, CVE-2022-35824
Impact: Denial of Service, Elevation of Privilege, Impact, Information Disclosure, Remote Code Execution

Product: Microsoft Office
CVE/Advisory: CVE-2022-21979, CVE-2022-21980, CVE-2022-24477, CVE-2022-24516, CVE-2022-30134, CVE-2022-33631, CVE-2022-33648, CVE-2022-34692, CVE-2022-34717, CVE-2022-35742, CVE-2022-33632
Impact: Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass
KB: 4462142, 4462148, 5001990, 5002051, 5002228, 5002232, 5002242, 5015321, 5015322


SanerNow VM and SanerNow PM detect and automatically fix these vulnerabilities by applying security updates. Use SanerNow and keep your systems updated and secure.

0 0 votes
Article Rating
Subscribe
Notify of

0 Comments
Inline Feedbacks
View all comments