Microsoft’s July 2022 Patch Tuesday Addresses 84 CVEs

On July 12, Microsoft released its July 2022 Patch Tuesday release which patched 84 CVEs with four rated as critical and 79 rated as important.

Notably, CVE-2022-22047 is an elevation of privilege vulnerability in the Windows Client Server Run-Time Subsystem that has been exploited in the wild, though no further details have been shared at the time of publication. 

Microsoft patched several vulnerabilities in Azure Site Recovery, including CVE-2022-33675, an elevation of privilege vulnerability discovered and reported to Microsoft by Tenable researcher Jimi Sebree.

This month’s update includes patches for:

• AMD CPU Branch
• Azure Site Recovery
• Azure Storage Library
• Microsoft Defender for Endpoint
• Microsoft Edge (Chromium-based)
• Microsoft Graphics Component
• Microsoft Office
• Open Source Software
• Role: DNS Server
• Role: Windows Fax Service
• Role: Windows Hyper-V
• Skype for Business and Microsoft Lync
• Windows Active Directory
• Windows Advanced Local Procedure Call
• Windows BitLocker
• Windows Boot Manager
• Windows Client/Server Runtime Subsystem
• Windows Connected Devices Platform Service
• Windows Credential Guard
• Windows Fast FAT Driver
• Windows Fax and Scan Service
• Windows Group Policy
• Windows IIS
• Windows Kernel
• Windows Media
• Windows Network File System
• Windows Performance Counters
• Windows Point-to-Point Tunneling Protocol
• Windows Portable Device Enumerator Service
• Windows Print Spooler Components
• Windows Remote Procedure Call Runtime
• Windows Security Account Manager
• Windows Server Service
• Windows Shell
• Windows Storage
• XBox

For more information, please visit our blog.