Microsoft August 2022 Patch Tuesday
Microsoft August 2022 Patch Tuesday (9th August 2022) released patches for 2 zero-day vulnerabilities and 121 vulnerabilities.
The August 2022 Microsoft vulnerabilities are classified as follows:
- 17 – Critical’ as they allow Elevation of Privilege (EoP) and Remote Code Execution (RCE).
- 104 – Important
Further divided as,
- 64 – Elevation of Privilege Vulnerabilities
- 31 – Remote Code Execution Vulnerabilities
- 12 – Information Disclosure Vulnerabilities
- 6 – Security Feature Bypass Vulnerabilities
- 7 – Denial of Service Vulnerabilities
- 1 – Spoofing Vulnerability
Out of the two zero-day vulnerability , The actively exploited zero-day vulnerability named ‘DogWalk’ tracked as CVE-2022-34713 is a Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
The zero-day vulnerability (tracked as CVE-2022-30134) is a Microsoft Exchange Information Disclosure Vulnerability which allows threat actors to read targeted email messages. Even though this vulnerability is publicly disclosed no attacks has been detected yet.
Impact
- Allows threat actors to exploit the publicly disclosed vulnerabilities.
Remediate
- Update to the latest version
Source: