Microsoft August 2022 Patch Tuesday

Microsoft August 2022 Patch Tuesday

Microsoft August 2022 Patch Tuesday (9th August 2022) released patches for 2 zero-day vulnerabilities and 121 vulnerabilities.

The August 2022 Microsoft vulnerabilities are classified as follows:

  • 17 – Critical’ as they allow Elevation of Privilege (EoP) and Remote Code Execution (RCE).
  • 104 – Important

Further divided as,

  • 64 – Elevation of Privilege Vulnerabilities
  • 31 – Remote Code Execution Vulnerabilities
  • 12 – Information Disclosure Vulnerabilities
  • 6 – Security Feature Bypass Vulnerabilities
  • 7 – Denial of Service Vulnerabilities
  • 1 – Spoofing Vulnerability

Out of the two zero-day vulnerability , The actively exploited zero-day vulnerability named ‘DogWalk’ tracked as CVE-2022-34713 is a Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

The zero-day vulnerability (tracked as CVE-2022-30134) is a Microsoft Exchange Information Disclosure Vulnerability which allows threat actors to read targeted email messages. Even though this vulnerability is publicly disclosed no attacks has been detected yet.

Impact

  • Allows threat actors to exploit the publicly disclosed vulnerabilities.

Remediate

  • Update to the latest version

Source: