PRUEBA AHORA
Patch Tuesday

Microsoft Patch Tuesday – May 2022

6 min. read
10/05/2022
By Esben Dochy
Microsoft-Patch-Tuesday-May-2022

Patch Tuesday is once again upon us. The May 2022 edition of Patch Tuesday brings us 76 fixes, with 6 rated as critical. We’ve listed the most important changes below.

⚡ TL;DR | Go Straight to the May 2022 Patch Tuesday Audit Report

Network File System RCE Repeat

Similar to last month’s Patch Tuesday, the most critical vulnerability again lies in the Windows Network File System (NFS). A new remote code execution vulnerability, CVE-2022-26937, has been detected with a CVSS base score of 9.8. Microsoft’s exploitability assessment also mentions that exploitation of this vulnerability is «More Likely». Attackers can exploit the vulnerability over the network by making an unauthenticated, specially crafted call to an NFS service to trigger a remote code execution.

Similar to last month, if you want to get a better view of which of your server have the NFS role installed, you can get a quick overview of all Windows Servers with the NFS role installed with the audit below.

Active Directory Services Elevation of Privilege

The second most critical vulnerability this month is in the Active Directory (AD) Domain. An authenticated user can exploit the vulnerability by manipulating attributes on computer accounts they have access to and acquire a certificate from Active Directory Certificate Services that allow elevation of privilege. Important to note is that you’re only at risk if you have Active Directory Certificate Services running on your domain, again something you can easily find out by looking servers with the Active Directory Certificate Services role installed.

CVE-2022-26923 has a CVSS base score of 8.8 and, similar to the previous vulnerability, is also listed as «More Likely» to be exploited.

Remote Desktop Client RCE

Third on the list is a remote desktop client remote code execution vulnerability. Listed as CVE-2022-22017 with a CVSS base score of 8.8 this vulnerability can be exploited if an attacker convinces a user to connect to a malicious RDP server. Upon connecting, the malicious server could execute code on the victim’s system in the user’s context. As long as your access management is in order, even when exploited, the impact should be limited.

Run the Patch Tuesday May 2022 Audit Report

To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Patch Tuesday May 2022 CVE Codes & Titles

CVE NumberCVE Title
CVE-2022-30130.NET Framework Denial of Service Vulnerability
CVE-2022-30129Visual Studio Code Remote Code Execution Vulnerability
CVE-2022-29151Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability
CVE-2022-29150Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability
CVE-2022-29148Visual Studio Remote Code Execution Vulnerability
CVE-2022-29145.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-29142Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-29141Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29140Windows Print Spooler Information Disclosure Vulnerability
CVE-2022-29139Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29138Windows Clustered Shared Volume Elevation of Privilege Vulnerability
CVE-2022-29137Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29135Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability
CVE-2022-29134Windows Clustered Shared Volume Information Disclosure Vulnerability
CVE-2022-29133Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-29132Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-29131Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29130Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29129Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29128Windows LDAP Remote Code Execution Vulnerability
CVE-2022-29127BitLocker Security Feature Bypass Vulnerability
CVE-2022-29126Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability
CVE-2022-29125Windows Push Notifications Apps Elevation of Privilege Vulnerability
CVE-2022-29123Windows Clustered Shared Volume Information Disclosure Vulnerability
CVE-2022-29122Windows Clustered Shared Volume Information Disclosure Vulnerability
CVE-2022-29121Windows WLAN AutoConfig Service Denial of Service Vulnerability
CVE-2022-29120Windows Clustered Shared Volume Information Disclosure Vulnerability
CVE-2022-29117.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-29116Windows Kernel Information Disclosure Vulnerability
CVE-2022-29115Windows Fax Service Remote Code Execution Vulnerability
CVE-2022-29114Windows Print Spooler Information Disclosure Vulnerability
CVE-2022-29113Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2022-29112Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-29110Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-29109Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-29108Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-29107Microsoft Office Security Feature Bypass Vulnerability
CVE-2022-29106Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
CVE-2022-29105Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVE-2022-29104Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-29103Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2022-29102Windows Failover Cluster Information Disclosure Vulnerability
CVE-2022-26940Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2022-26939Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-26938Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-26937Windows Network File System Remote Code Execution Vulnerability
CVE-2022-26936Windows Server Service Information Disclosure Vulnerability
CVE-2022-26935Windows WLAN AutoConfig Service Information Disclosure Vulnerability
CVE-2022-26934Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-26933Windows NTFS Information Disclosure Vulnerability
CVE-2022-26932Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-26931Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-26930Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVE-2022-26927Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-26926Windows Address Book Remote Code Execution Vulnerability
CVE-2022-26925Windows LSA Spoofing Vulnerability
CVE-2022-26923Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2022-26913Windows Authentication Security Feature Bypass Vulnerability
CVE-2022-26788PowerShell Elevation of Privilege Vulnerability
CVE-2022-24513Visual Studio Elevation of Privilege Vulnerability
CVE-2022-24466Windows Hyper-V Security Feature Bypass Vulnerability
CVE-2022-23279Windows ALPC Elevation of Privilege Vulnerability
CVE-2022-23270Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-23267.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-22713Windows Hyper-V Denial of Service Vulnerability
CVE-2022-22019Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVE-2022-22017Remote Desktop Client Remote Code Execution Vulnerability
CVE-2022-22016Windows PlayToManager Elevation of Privilege Vulnerability
CVE-2022-22015Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVE-2022-22014Windows LDAP Remote Code Execution Vulnerability
CVE-2022-22013Windows LDAP Remote Code Execution Vulnerability
CVE-2022-22012Windows LDAP Remote Code Execution Vulnerability
CVE-2022-22011Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-21978Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-21972Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-1096Chromium: CVE-2022-1096 Type Confusion in V8

Receive the Latest Patch Tuesday Report for FREE Every Month

"*" señala los campos obligatorios

This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
Este campo es un campo de validación y debe quedar sin cambios.