Microsoft August 2022 Patch Tuesday

Published: 2022-08-09. Last Updated: 2022-08-09 17:33:56 UTC
by Renato Marinho (Version: 1)

This month we got patches for 141 vulnerabilities. Of these, 17 are critical, 2 were previously disclosed, and one is already being exploited, according to Microsoft.

The exploited vulnerability is a Remote Code Execution (RCE) affecting Microsoft Windows Support Diagnostic Tool (MSDT) (CVE-2022-34713). According to the advisory, exploitation of the vulnerability requires that a user open a specially crafted file in different scenarios:

• In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file.

• In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.

This CVE is a variant of the vulnerability publicly known as Dogwalk. The CVSS for this vulnerability is 7.8.

Among the critical vulnerabilities, there is an RCE affecting Windows Point-to-Point Protocol (PPP) (CVE-2022-30133). The exploit vector for this vulnerability is ‘network’, no privilege is required, and it does not require any user interaction, which means this could be a wormable vulnerability. According to the advisory, “This vulnerability can only be exploited by communicating via Port 1723. An unauthenticated attacker could send a specially crafted connection request to a RAS server, which could lead to remote code execution (RCE) on the RAS server machine.” If you have this service exposed to the Internet, it is recommended to apply the patch quickly. As a temporary workaround prior to installing the updates that address this vulnerability, you can block traffic through that port, thus rendering the vulnerability unexploitable. The CVSS for this vulnerability is 9.8.
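One way to apply the temporary port block on a Windows host, shown as an added example (not taken from the advisory or from this diary). The rule name is made up for illustration, and the script assumes an elevated PowerShell session with the built-in NetTCPIP and NetSecurity cmdlets.

```powershell
# Added example: temporary TCP 1723 block for a host that may be running RAS/PPTP.
# Run from an elevated session. $ruleName is a made-up name, not a Microsoft one.
$port     = 1723
$ruleName = 'TEMP-Block-Inbound-TCP-1723'

# Routing and Remote Access service state (service name: RemoteAccess).
$ras = Get-Service -Name RemoteAccess -ErrorAction SilentlyContinue
if ($ras) { "RemoteAccess service status: $($ras.Status)" }
else      { "RemoteAccess service not present on this host." }

# Is anything listening on the port right now?
$listeners = @(Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue)
if ($listeners.Count -eq 0) {
    "No listener on TCP $port; nothing to block on this host."
}
else {
    foreach ($l in $listeners) {
        $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        "Listening on $($l.LocalAddress) port $port (PID $($l.OwningProcess) $($proc.ProcessName))"
    }

    # Create the inbound block rule once, so re-running the script is harmless.
    if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
            -LocalPort $port -Action Block -Profile Any | Out-Null
        "Created firewall rule '$ruleName'."
    }
    else {
        "Firewall rule '$ruleName' already exists."
    }
}

# Once the update is installed, remove the temporary rule:
#   Remove-NetFirewallRule -DisplayName 'TEMP-Block-Inbound-TCP-1723'
```

Blocking TCP 1723 also stops PPTP VPN clients from connecting to the server, so plan for that outage until the update is installed.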

Another critical vulnerability worth mentioning is an elevation of privilege affecting Active Directory Domain Services (CVE-2022-34691). According to the advisory, “An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.” A system is vulnerable only if Active Directory Certificate Services is running on the domain. The CVSS for this vulnerability is 8.8.

See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com/

August 2022 Security Updates

Description
CVE, Disclosed, Exploited, Exploitability (old versions), Exploitability (current version), Severity, CVSS Base (AVG), CVSS Temporal (AVG)
.NET Spoofing Vulnerability
CVE-2022-34716 No No Less Likely Less Likely Important 5.9 5.2
Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2022-34691 No No Less Likely Less Likely Critical 8.8 7.7
Azure Batch Node Agent Elevation of Privilege Vulnerability
CVE-2022-33646 No No More Likely More Likely Critical 7.0 6.3
Azure RTOS GUIX Studio Information Disclosure Vulnerability
CVE-2022-34685 No No Less Likely Less Likely Important 5.5 5.0
CVE-2022-34686 No No Less Likely Less Likely Important 5.5 5.0
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30175 No No Less Likely Less Likely Important 7.8 7.0
CVE-2022-30176 No No Less Likely Less Likely Important 7.8 7.0
CVE-2022-34687 No No Less Likely Less Likely Important 7.8 7.0
CVE-2022-35773 No No Less Likely Less Likely Important 7.8 7.0
CVE-2022-35779 No No Less Likely Less Likely Important 7.8 7.0
CVE-2022-35806 No No Less Likely Less Likely Important 7.8 7.0
Azure Site Recovery Denial of Service Vulnerability
CVE-2022-35776 No No Less Likely Less Likely Important 6.2 5.6
Azure Site Recovery Elevation of Privilege Vulnerability
CVE-2022-35802 No No Less Likely Less Likely Important 8.1 7.1
CVE-2022-35780 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35781 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35799 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35774 No No Less Likely Less Likely Important 4.9 4.4
CVE-2022-35800 No No Less Likely Less Likely Important 4.9 4.4
CVE-2022-35775 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35801 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35807 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35808 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35782 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35809 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35783 No No Less Likely Less Likely Important 4.4 4.0
CVE-2022-35784 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35810 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35811 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35785 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35812 No No Less Likely Less Likely Important 4.4 4.0
CVE-2022-35786 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35787 No No Less Likely Less Likely Important 4.9 4.4
CVE-2022-35813 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35788 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35814 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35789 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35815 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35790 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35816 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35817 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35791 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35818 No No Less Likely Less Likely Important 6.5 5.9
CVE-2022-35819 No No Less Likely Less Likely Important 6.5 5.9
Azure Site Recovery Remote Code Execution Vulnerability
CVE-2022-35772 No No Less Likely Less Likely Important 7.2 6.3
CVE-2022-35824 No No Less Likely Less Likely Important 7.2 6.3
Azure Sphere Information Disclosure Vulnerability
CVE-2022-35821 No No Less Likely Less Likely Important 4.4 4.0
CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass
CVE-2022-34301 No No More Likely More Likely Important    
CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass
CVE-2022-34302 No No More Likely More Likely Important    
CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass
CVE-2022-34303 No No More Likely More Likely Important    
Chromium: CVE-2022-2603 Use after free in Omnibox
CVE-2022-2603 No No - - -    
Chromium: CVE-2022-2604 Use after free in Safe Browsing
CVE-2022-2604 No No - - -    
Chromium: CVE-2022-2605 Out of bounds read in Dawn
CVE-2022-2605 No No - - -    
Chromium: CVE-2022-2606 Use after free in Managed devices API
CVE-2022-2606 No No - - -    
Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch
CVE-2022-2610 No No - - -    
Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API
CVE-2022-2611 No No - - -    
Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input
CVE-2022-2612 No No - - -    
Chromium: CVE-2022-2614 Use after free in Sign-In Flow
CVE-2022-2614 No No - - -    
Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies
CVE-2022-2615 No No - - -    
Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API
CVE-2022-2616 No No - - -    
Chromium: CVE-2022-2617 Use after free in Extensions API
CVE-2022-2617 No No - - -    
Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals
CVE-2022-2618 No No - - -    
Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings
CVE-2022-2619 No No - - -    
Chromium: CVE-2022-2621 Use after free in Extensions
CVE-2022-2621 No No - - -    
Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing
CVE-2022-2622 No No - - -    
Chromium: CVE-2022-2623 Use after free in Offline
CVE-2022-2623 No No - - -    
Chromium: CVE-2022-2624 Heap buffer overflow in PDF
CVE-2022-2624 No No - - -    
HTTP.sys Denial of Service Vulnerability
CVE-2022-35748 No No More Likely More Likely Important 7.5 6.5
Microsoft ATA Port Driver Elevation of Privilege Vulnerability
CVE-2022-35760 No No Less Likely Less Likely Important 7.8 6.8
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2022-35796 No No Less Likely Less Likely Low 7.5 6.5
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2022-33636 No No Less Likely Less Likely Moderate 8.3 7.2
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2022-33649 No No Less Likely Less Likely Important 9.6 8.3
Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-33648 No No Less Likely Less Likely Important 7.8 6.8
Microsoft Excel Security Feature Bypass Vulnerability
CVE-2022-33631 No No Less Likely Less Likely Important 7.3 6.4
Microsoft Exchange Information Disclosure Vulnerability
CVE-2022-21979 No No Less Likely Less Likely Important 4.8 4.2
CVE-2022-30134 Yes No Unlikely Unlikely Important 7.6 6.6
CVE-2022-34692 No No Less Likely Less Likely Important 5.3 4.6
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-21980 No No More Likely More Likely Critical 8.0 7.0
CVE-2022-24516 No No More Likely More Likely Critical 8.0 7.0
CVE-2022-24477 No No More Likely More Likely Critical 8.0 7.0
Microsoft Office Remote Code Execution Vulnerability
CVE-2022-34717 No No Less Likely Less Likely Important 8.8 7.7
Microsoft Outlook Denial of Service Vulnerability
CVE-2022-35742 No No Less Likely Less Likely Important 7.5 6.5
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVE-2022-34713 Yes Yes More Likely More Likely Important 7.8 7.2
CVE-2022-35743 No No More Likely More Likely Important 7.8 7.0
SMB Client and Server Remote Code Execution Vulnerability
CVE-2022-35804 No No More Likely More Likely Critical 8.8 7.7
Storage Spaces Direct Elevation of Privilege Vulnerability
CVE-2022-35762 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35763 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35764 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35765 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35792 No No Less Likely Less Likely Important 7.8 6.8
System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2022-33640 No No Less Likely Less Likely Important 7.8 7.0
Unified Write Filter Elevation of Privilege Vulnerability
CVE-2022-35754 No No Less Likely Less Likely Important 6.7 5.8
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35777 No No Less Likely Less Likely Important 8.8 7.9
CVE-2022-35825 No No Less Likely Less Likely Important 8.8 7.9
CVE-2022-35826 No No Less Likely Less Likely Important 8.8 7.9
CVE-2022-35827 No No Less Likely Less Likely Important 8.8 7.9
Win32k Elevation of Privilege Vulnerability
CVE-2022-35750 No No More Likely More Likely Important 7.8 6.8
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2022-35820 No No More Likely More Likely Important 7.8 6.8
Windows Bluetooth Service Remote Code Execution Vulnerability
CVE-2022-30144 No No Less Likely Less Likely Important 7.5 6.5
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2022-35757 No No Less Likely Less Likely Important 7.3 6.4
Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-34705 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35771 No No Less Likely Less Likely Important 7.8 6.8
Windows Defender Credential Guard Information Disclosure Vulnerability
CVE-2022-34710 No No Less Likely Less Likely Important 5.5 4.8
CVE-2022-34712 No No Less Likely Less Likely Important 5.5 4.8
CVE-2022-34704 No No Less Likely Less Likely Important 5.5 4.8
Windows Defender Credential Guard Security Feature Bypass Vulnerability
CVE-2022-34709 No No Less Likely Less Likely Important 6.0 5.2
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2022-35746 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35749 No No Less Likely Less Likely Important 7.8 6.8
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2022-35795 No No Less Likely Less Likely Important 7.8 6.8
Windows Fax Service Elevation of Privilege Vulnerability
CVE-2022-34690 No No Less Likely Less Likely Important 7.1 6.2
Windows Hello Security Feature Bypass Vulnerability
CVE-2022-35797 No No Less Likely Less Likely Important 6.1 5.3
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-35751 No No More Likely More Likely Important 7.8 6.8
Windows Hyper-V Remote Code Execution Vulnerability
CVE-2022-34696 No No Less Likely Less Likely Critical 7.8 6.8
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-35756 No No More Likely More Likely Important 7.8 6.8
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-34707 No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-35761 No No More Likely More Likely Important 8.4 7.3
CVE-2022-35768 No No Less Likely Less Likely Important 7.8 6.8
Windows Kernel Information Disclosure Vulnerability
CVE-2022-30197 No No Less Likely Less Likely Important 5.5 4.8
CVE-2022-34708 No No Less Likely Less Likely Important 5.5 4.8
Windows Kernel Memory Information Disclosure Vulnerability
CVE-2022-35758 No No Less Likely Less Likely Important 5.5 4.8
Windows Local Security Authority (LSA) Denial of Service Vulnerability
CVE-2022-35759 No No Less Likely Less Likely Important 6.5 5.7
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2022-34706 No No Less Likely Less Likely Important 7.8 6.8
Windows Network File System Remote Code Execution Vulnerability
CVE-2022-34715 No No Less Likely Less Likely Important 9.8 8.5
Windows Partition Management Driver Elevation of Privilege Vulnerability
CVE-2022-33670 No No More Likely More Likely Important 7.8 6.8
CVE-2022-34703 No No More Likely More Likely Important 7.8 6.8
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
CVE-2022-35747 No No Less Likely Less Likely Important 5.9 5.2
CVE-2022-35769 No No Less Likely Less Likely Important 7.5 6.5
Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
CVE-2022-30133 No No Less Likely Less Likely Critical 9.8 8.5
CVE-2022-35744 No No Less Likely Less Likely Critical 9.8 8.5
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-35755 No No More Likely More Likely Important 7.3 6.4
CVE-2022-35793 No No More Likely More Likely Important 7.3 6.4
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability
CVE-2022-34701 No No Less Likely Less Likely Important 5.3 4.6
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-34714 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-35745 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-35752 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-35753 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-34702 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-35766 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-35767 No No Less Likely Less Likely Critical 8.1 7.1
CVE-2022-35794 No No Less Likely Less Likely Critical 8.1 7.1
Windows WebBrowser Control Remote Code Execution Vulnerability
CVE-2022-30194 No No Less Likely Less Likely Important 7.5 6.5
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-34699 No No More Likely More Likely Important 7.8 6.8

--
Renato Marinho
Morphus Labs | LinkedIn | Twitter
