Patch Tuesday is once again upon us. The August 2022 edition of Patch Tuesday brings us 123 fixes, with 17 rated as critical. We’ve listed the most important changes below.
Windows Server 20H2 End-of-Life
Microsoft is ending support for the last Semi-annual release of Windows Server. These server versions were an attempt to mirror the Windows 10 versioning, with a new release twice per year. These versions received support for 18 months following their release. Windows Server 20H2 is the last Semi-annual release of Windows Server to hit its end-of-life date. You can find more info and a specific Windows Server EOL audit in the Windows Server EOL blog post.
Exchange Elevation of Privilege Vulnerabilities
Three of the 17 critical vulnerabilities are elevation of privilege vulnerabilities in Exchange. Exchange has been routinely getting security updates this year as more and more security flaws are discovered. Microsoft does mention in their official advisories that exploitation of these vulnerabilities is more likely.
CVE-2022-24477, CVE-2022-24516, and CVE-2022-21980 all have a CVSS base score of 8.0. Beyond installing the latest updates, Microsoft states: "Customers vulnerable to this issue would need to enable Extended Protection in order to prevent this attack. For more information, see Exchange Server Support for Windows Extended Protection."
Lastly, in addition to the critical vulnerabilities, another 3 information disclosure vulnerabilities were fixed in Exchange: CVE-2022-34692, CVE-2022-30134, and CVE-2022-21979. These vulnerabilities are much lower in severity, and their CVSS base scores range between 4.8 and 7.6.
Windows 11 SMB Client and Server RCE
Another critical vulnerability is exclusive to Windows 11. With a CVSS base score of 8.8, CVE-2022-35804 is likely to be exploited according to the official advisory.
An issue in how the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests allows attackers who successfully exploit the vulnerability to execute code on the target system. Since this can occur on both the client and the server side, there are two attack vectors:
- For the vulnerability to be exploited on the SMB Client, an unauthenticated attacker would first need to configure a malicious SMBv3 server and convince a user to connect to it by enticing them to click a specially crafted link.
- For the vulnerability to be exploited on the SMB Server, an authenticated attacker could send specially crafted packets from an SMB Client to a targeted SMBv3 Server.
Installing the update is highly recommended. Microsoft also lists additional mitigation options and ways to protect your network when an update cannot be performed quickly.
Run the Patch Tuesday August 2022 Audit Report
To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view, so all you need to do is look at one report, automatically added every Patch Tuesday!
Patch Tuesday August 2022 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability |
CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability |
CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability |
CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability |
CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability |
CVE-2022-35820 | Windows Bluetooth Driver Elevation of Privilege Vulnerability |
CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability |
CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35797 | Windows Hello Security Feature Bypass Vulnerability |
CVE-2022-35795 | Windows Error Reporting Service Elevation of Privilege Vulnerability |
CVE-2022-35794 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-35793 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2022-35792 | Storage Spaces Direct Elevation of Privilege Vulnerability |
CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability |
CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability |
CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability |
CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability |
CVE-2022-35771 | Windows Defender Credential Guard Elevation of Privilege Vulnerability |
CVE-2022-35769 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability |
CVE-2022-35768 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2022-35767 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-35766 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-35765 | Storage Spaces Direct Elevation of Privilege Vulnerability |
CVE-2022-35764 | Storage Spaces Direct Elevation of Privilege Vulnerability |
CVE-2022-35763 | Storage Spaces Direct Elevation of Privilege Vulnerability |
CVE-2022-35762 | Storage Spaces Direct Elevation of Privilege Vulnerability |
CVE-2022-35761 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2022-35760 | Microsoft ATA Port Driver Elevation of Privilege Vulnerability |
CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability |
CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability |
CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability |
CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability |
CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability |
CVE-2022-35753 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-35752 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability |
CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability |
CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability |
CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability |
CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability |
CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability |
CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability |
CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability |
CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability |
CVE-2022-34717 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2022-34716 | .NET Spoofing Vulnerability |
CVE-2022-34715 | Windows Network File System Remote Code Execution Vulnerability |
CVE-2022-34714 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-34713 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability |
CVE-2022-34712 | Windows Defender Credential Guard Information Disclosure Vulnerability |
CVE-2022-34710 | Windows Defender Credential Guard Information Disclosure Vulnerability |
CVE-2022-34709 | Windows Defender Credential Guard Security Feature Bypass Vulnerability |
CVE-2022-34708 | Windows Kernel Information Disclosure Vulnerability |
CVE-2022-34707 | Windows Kernel Elevation of Privilege Vulnerability |
CVE-2022-34706 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability |
CVE-2022-34705 | Windows Defender Credential Guard Elevation of Privilege Vulnerability |
CVE-2022-34704 | Windows Defender Credential Guard Information Disclosure Vulnerability |
CVE-2022-34703 | Windows Partition Management Driver Elevation of Privilege Vulnerability |
CVE-2022-34702 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
CVE-2022-34701 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability |
CVE-2022-34699 | Windows Win32k Elevation of Privilege Vulnerability |
CVE-2022-34696 | Windows Hyper-V Remote Code Execution Vulnerability |
CVE-2022-34692 | Microsoft Exchange Information Disclosure Vulnerability |
CVE-2022-34691 | Active Directory Domain Services Elevation of Privilege Vulnerability |
CVE-2022-34690 | Windows Fax Service Elevation of Privilege Vulnerability |
CVE-2022-34687 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-34686 | Azure RTOS GUIX Studio Information Disclosure Vulnerability |
CVE-2022-34685 | Azure RTOS GUIX Studio Information Disclosure Vulnerability |
CVE-2022-34303 | CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass |
CVE-2022-34302 | CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass |
CVE-2022-34301 | CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass |
CVE-2022-33670 | Windows Partition Management Driver Elevation of Privilege Vulnerability |
CVE-2022-33648 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-33646 | Azure Batch Node Agent Elevation of Privilege Vulnerability |
CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
CVE-2022-33631 | Microsoft Excel Security Feature Bypass Vulnerability |
CVE-2022-30197 | Windows Kernel Information Disclosure Vulnerability |
CVE-2022-30194 | Windows WebBrowser Control Remote Code Execution Vulnerability |
CVE-2022-30176 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-30175 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-30144 | Windows Bluetooth Service Remote Code Execution Vulnerability |
CVE-2022-30134 | Microsoft Exchange Information Disclosure Vulnerability |
CVE-2022-30133 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability |
CVE-2022-30130 | .NET Framework Denial of Service Vulnerability |
CVE-2022-26832 | .NET Framework Denial of Service Vulnerability |
CVE-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-24477 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability |
CVE-2022-21979 | Microsoft Exchange Information Disclosure Vulnerability |