Microsoft Fixes 121 Security Flaws in August Patch Tuesday
In this month’s Patch Tuesday, Microsoft fixed 121 flaws in total, including two zero-day vulnerabilities that are actively exploited. Of the 121, 17 vulnerabilities are rated critical and could allow remote code execution (RCE) and privilege escalation.
The fixed vulnerabilities fall into the following categories, with their counts:
- Elevation of Privilege (64)
- Security Feature Bypass (6)
- Remote Code Execution (31)
- Information Disclosure (12)
- Denial of Service (7)
- Spoofing (1)
Patched Zero Days
One of the zero-day vulnerabilities is CVE-2022-34713, better known as DogWalk. It is an RCE vulnerability that has existed in the Windows Support Diagnostic Tool (MSDT) for over two years, and its exploit code is publicly accessible. Exploiting DogWalk allows an attacker to insert malicious executables into the Windows Startup folder.
Microsoft’s advisory notes that exploitation requires user interaction: the user must open a specially created file. This can happen in phishing attacks, where the user receives an email with the compromised file or visits a fake website created specifically by the attacker.
DogWalk was found in January 2020 by security researcher Imre Rad. However, Microsoft decided not to address it since it did not consider it to be a security risk. It was fixed in this month’s Patch Tuesday.
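A defender-side check for the persistence location named above, added here as an example (not code from the original article or from Microsoft): it lists every file in the all-users and per-user Startup folders with its creation time, hash and Authenticode status, and flags executable or script files that are unsigned or recently created. The 30-day lookback, the extension list and the default `Users` profile location are assumptions to tune for your environment.

```powershell
# Added example: audit Windows Startup folders for unexpected dropped files.
# Assumptions (not from the article): 30-day lookback, the extension list,
# and user profiles living under %SystemDrive%\Users.
param(
    [int]$LookbackDays = 30
)

$riskyExtensions = '.exe', '.dll', '.scr', '.com', '.bat', '.cmd', '.vbs', '.js', '.ps1', '.hta'
$cutoff = (Get-Date).AddDays(-$LookbackDays)

# All-users Startup folder plus the Startup folder of every local profile.
$startupDirs = @([Environment]::GetFolderPath('CommonStartup'))
$startupDirs += Get-ChildItem -Path "$env:SystemDrive\Users" -Directory -Force -ErrorAction SilentlyContinue |
    ForEach-Object { Join-Path $_.FullName 'AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup' } |
    Where-Object { Test-Path -LiteralPath $_ }

$findings = foreach ($dir in $startupDirs) {
    Get-ChildItem -LiteralPath $dir -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -ne 'desktop.ini' } |
        ForEach-Object {
            $sig        = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $isRisky    = $riskyExtensions -contains $_.Extension.ToLowerInvariant()
            $isRecent   = $_.CreationTime -ge $cutoff
            $isUnsigned = $sig.Status -ne 'Valid'

            [pscustomobject]@{
                # Shortcuts (.lnk) are listed for review but not flagged automatically.
                Flagged         = $isRisky -and ($isRecent -or $isUnsigned)
                Created         = $_.CreationTime
                SignatureStatus = $sig.Status
                Signer          = $sig.SignerCertificate.Subject
                SHA256          = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                Path            = $_.FullName
            }
        }
}

# Flagged entries first, newest first within each group.
$findings | Sort-Object Flagged, Created -Descending | Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt so that other users' profile folders are readable; compare flagged paths against your software inventory before acting on them.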
The other zero-day flaw, CVE-2022-30134, is an Information Disclosure vulnerability in Microsoft Exchange. It enables an attacker to read certain emails. Although it has been officially published, Microsoft claims that CVE-2022-30134 has not yet been exploited in attacks.
DogWalk Enters the List of Known Exploited Vulnerabilities
CISA has also warned about DogWalk by adding it to the list of Known Exploited Vulnerabilities, along with a path traversal vulnerability. Tracked as CVE-2022-30333, that flaw affects the UnRAR utility on Linux and Unix. If exploited, CVE-2022-30333 could let an attacker extract malicious files to an arbitrary location during unpacking.
CISA advises applying the patches provided by vendors.
Apply the Patches
Microsoft’s Patch Tuesday updates in August can be found in the security update guide. A release note is also available.
The list below shows affected products/systems.
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
.NET Core | CVE-2022-34716 | .NET Spoofing Vulnerability | Important |
Active Directory Domain Services | CVE-2022-34691 | Active Directory Domain Services Elevation of Privilege Vulnerability | Critical |
Azure Batch Node Agent | CVE-2022-33646 | Azure Batch Node Agent Elevation of Privilege Vulnerability | Critical |
Azure Real Time Operating System | CVE-2022-34685 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-34686 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-34687 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-30176 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important |
Azure Real Time Operating System | CVE-2022-30175 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability | Important |
Azure Site Recovery | CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Site Recovery | CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability | Important |
Azure Site Recovery | CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability | Important |
Azure Sphere | CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | Important |
Microsoft ATA Port Driver | CVE-2022-35760 | Microsoft ATA Port Driver Elevation of Privilege Vulnerability | Important |
Microsoft Bluetooth Driver | CVE-2022-35820 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-35796 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Low |
Microsoft Edge (Chromium-based) | CVE-2022-33649 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Important |
Microsoft Edge (Chromium-based) | CVE-2022-2618 | Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2616 | Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2617 | Chromium: CVE-2022-2617 Use after free in Extensions API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2619 | Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2622 | Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2623 | Chromium: CVE-2022-2623 Use after free in Offline | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-33636 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2022-2621 | Chromium: CVE-2022-2621 Use after free in Extensions | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2615 | Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2604 | Chromium: CVE-2022-2604 Use after free in Safe Browsing | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2605 | Chromium: CVE-2022-2605 Out of bounds read in Dawn | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2624 | Chromium: CVE-2022-2624 Heap buffer overflow in PDF | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2603 | Chromium: CVE-2022-2603 Use after free in Omnibox | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2606 | Chromium: CVE-2022-2606 Use after free in Managed devices API | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2612 | Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2614 | Chromium: CVE-2022-2614 Use after free in Sign-In Flow | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2610 | Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch | Unknown |
Microsoft Edge (Chromium-based) | CVE-2022-2611 | Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API | Unknown |
Microsoft Exchange Server | CVE-2022-34692 | Microsoft Exchange Information Disclosure Vulnerability | Important |
Microsoft Exchange Server | CVE-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical |
Microsoft Exchange Server | CVE-2022-21979 | Microsoft Exchange Information Disclosure Vulnerability | Important |
Microsoft Exchange Server | CVE-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical |
Microsoft Exchange Server | CVE-2022-30134 | Microsoft Exchange Information Disclosure Vulnerability | Important |
Microsoft Exchange Server | CVE-2022-24477 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical |
Microsoft Office | CVE-2022-34717 | Microsoft Office Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2022-33648 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office Excel | CVE-2022-33631 | Microsoft Excel Security Feature Bypass Vulnerability | Important |
Microsoft Office Outlook | CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability | Important |
Microsoft Windows Support Diagnostic Tool (MSDT) | CVE-2022-34713 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important |
Microsoft Windows Support Diagnostic Tool (MSDT) | CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important |
Remote Access Service Point-to-Point Tunneling Protocol | CVE-2022-35752 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Remote Access Service Point-to-Point Tunneling Protocol | CVE-2022-35753 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Remote Access Service Point-to-Point Tunneling Protocol | CVE-2022-35769 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important |
Role: Windows Fax Service | CVE-2022-34690 | Windows Fax Service Elevation of Privilege Vulnerability | Important |
Role: Windows Hyper-V | CVE-2022-34696 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
Role: Windows Hyper-V | CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
System Center Operations Manager | CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important |
Visual Studio | CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | Important |
Visual Studio | CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | Important |
Windows Bluetooth Service | CVE-2022-30144 | Windows Bluetooth Service Remote Code Execution Vulnerability | Important |
Windows Canonical Display Driver | CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability | Important |
Windows Cloud Files Mini Filter Driver | CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important |
Windows Defender Credential Guard | CVE-2022-35771 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important |
Windows Defender Credential Guard | CVE-2022-34705 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important |
Windows Defender Credential Guard | CVE-2022-34710 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important |
Windows Defender Credential Guard | CVE-2022-34709 | Windows Defender Credential Guard Security Feature Bypass Vulnerability | Important |
Windows Defender Credential Guard | CVE-2022-34704 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important |
Windows Defender Credential Guard | CVE-2022-34712 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important |
Windows Digital Media | CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
Windows Digital Media | CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
Windows Error Reporting | CVE-2022-35795 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important |
Windows Hello | CVE-2022-35797 | Windows Hello Security Feature Bypass Vulnerability | Important |
Windows Internet Information Services | CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability | Important |
Windows Kerberos | CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-35761 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-35768 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-34708 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2022-34707 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability | Critical |
Windows Kernel | CVE-2022-30197 | Windows Kernel Information Disclosure Vulnerability | Important |
Windows Kernel | CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
Windows Local Security Authority (LSA) | CVE-2022-34706 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important |
Windows Local Security Authority (LSA) | CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important |
Windows Network File System | CVE-2022-34715 | Windows Network File System Remote Code Execution Vulnerability | Important |
Windows Partition Management Driver | CVE-2022-33670 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important |
Windows Partition Management Driver | CVE-2022-34703 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important |
Windows Point-to-Point Tunneling Protocol | CVE-2022-30133 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical |
Windows Point-to-Point Tunneling Protocol | CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important |
Windows Point-to-Point Tunneling Protocol | CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical |
Windows Print Spooler Components | CVE-2022-35793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Print Spooler Components | CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
Windows Secure Boot | CVE-2022-34301 | CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass | Important |
Windows Secure Boot | CVE-2022-34302 | CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass | Important |
Windows Secure Boot | CVE-2022-34303 | CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass | Important |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-35766 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-35794 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-34701 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | Important |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-34714 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-34702 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Windows Secure Socket Tunneling Protocol (SSTP) | CVE-2022-35767 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical |
Windows Storage Spaces Direct | CVE-2022-35762 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Storage Spaces Direct | CVE-2022-35765 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Storage Spaces Direct | CVE-2022-35792 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Storage Spaces Direct | CVE-2022-35763 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Storage Spaces Direct | CVE-2022-35764 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
Windows Unified Write Filter | CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability | Important |
Windows WebBrowser Control | CVE-2022-30194 | Windows WebBrowser Control Remote Code Execution Vulnerability | Important |
Windows Win32K | CVE-2022-34699 | Windows Win32k Elevation of Privilege Vulnerability | Important |