Vulnerability Watch

Forum Discussion

snarang's avatar
snarang
Product Team
4 years ago

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs On...

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs

On August 9, Microsoft released its August 2022 Patch Tuesday release which patched 118 CVEs with 17 rated as critical and 101 rated as important.

In this month’s release, Microsoft addressed two remote code execution vulnerabilities in its Windows Support Diagnostic Tool (MSDT): 

  • CVE-2022-34713
  • CVE-2022-35743

Both flaws received the same CVSSv3 score (7.8) and are rated as important. However, Microsoft notes that CVE-2022-34713 has been exploited in the wild as a zero-day. The flaw is credited to Imre Rad, the security researcher that first disclosed the vulnerability back in January 2020. However, following renewed interest in MSDT spurred by the discovery and exploitation of CVE-2022-30190 (aka Follina), Microsoft patched the flaw this month.

This month’s update includes patches for:

  • .NET Core
  • Active Directory Domain Services
  • Azure Batch Node Agent
  • Azure Real Time Operating System
  • Azure Site Recovery
  • Azure Sphere
  • Microsoft ATA Port Driver
  • Microsoft Bluetooth Driver
  • Microsoft Edge (Chromium-based)
  • Microsoft Exchange Server
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Windows Support Diagnostic Tool (MSDT)
  • Remote Access Service Point-to-Point Tunneling Protocol
  • Role: Windows Fax Service
  • Role: Windows Hyper-V
  • System Center Operations Manager
  • Visual Studio
  • Windows Bluetooth Service
  • Windows Canonical Display Driver
  • Windows Cloud Files Mini Filter Driver
  • Windows Defender Credential Guard
  • Windows Digital Media
  • Windows Error Reporting
  • Windows Hello
  • Windows Internet Information Services
  • Windows Kerberos
  • Windows Kernel
  • Windows Local Security Authority (LSA)
  • Windows Network File System
  • Windows Partition Management Driver
  • Windows Point-to-Point Tunneling Protocol
  • Windows Print Spooler Components
  • Windows Secure Boot
  • Windows Secure Socket Tunneling Protocol (SSTP)
  • Windows Storage Spaces Direct
  • Windows Unified Write Filter
  • Windows WebBrowser Control
  • Windows Win32K

For more information, please visit our blog.

Cyber Exposure Alerts
No RepliesBe the first to reply

Recent Discussions