Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day

Pierluigi Paganini August 09, 2022

Microsoft Patch Tuesday security updates for August 2022 addressed an actively exploited zero-day remote code execution vulnerability in Windows.

Microsoft Patch Tuesday security updates for August 2022 addressed 118 CVEs in multiple products, including .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Fax Service, Role: Windows Hyper-V, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Hello, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, Windows Win32K.

Seventeen vulnerabilities have been rated as Critical; the remaining ones are rated Important in severity.

Most of the flaws, 64, are escalation of privilege issues, followed by 31 remote code execution issues and 12 information disclosure issues.

The IT giant addressed a remote code execution vulnerability, tracked as CVE-2022-34713, that resides in the Microsoft Windows Support Diagnostic Tool (MSDT). The flaw has been exploited by threat actors in the wild. An attacker can trigger it by tricking victims into opening specially crafted files.

Microsoft states that the issue is a variant of the Dogwalk vulnerability that was disclosed in June.

“This bug also allows code execution when MSDT is called using the URL protocol from a calling application, typically Microsoft Word. There is an element of social engineering to this as a threat actor would need to convince a user to click a link or open a document.” reads the description provided by ZDI. “It’s not clear if this vulnerability is the result of a failed patch or something new.”

Three flaws, tracked as CVE-2022-30133, CVE-2022-35744, and CVE-2022-34691, addressed by Microsoft with the release of Microsoft Patch Tuesday security updates for August 2022 are rated as critical and received a CVSS score of 9.8.

The first two flaws, CVE-2022-30133 and CVE-2022-35744, are remote code execution issues that affect the Windows Point-to-Point Protocol (PPP). The third one, CVE-2022-34691, is a privilege escalation issue in Active Directory Domain Services.

Below is the full list of vulnerabilities fixed by Microsoft:

| CVE | Title | Severity | CVSS | Public | Exploited | Type |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2022-34713 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important | 7.8 | Yes | Yes | RCE |
| CVE-2022-30134 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.6 | Yes | No | EoP |
| CVE-2022-30133 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2022-34691 | Active Directory Domain Services Elevation of Privilege Vulnerability | Critical | 8.8 | No | No | EoP |
| CVE-2022-33646 | Azure Batch Node Agent Remote Code Execution Vulnerability | Critical | 7 | No | No | RCE |
| CVE-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-24477 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-35752 | RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35753 | RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | RCE |
| CVE-2022-34696 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.8 | No | No | RCE |
| CVE-2022-34702 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-34714 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35766 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35767 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35794 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-34716 | .NET Spoofing Vulnerability | Important | 5.9 | No | No | Spoofing |
| CVE-2022-34685 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 | No | No | Info |
| CVE-2022-34686 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 | No | No | Info |
| CVE-2022-30175 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-30176 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-34687 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability | Important | 6.2 | No | No | DoS |
| CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 8.1 | No | No | EoP |
| CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 | No | No | EoP |
| CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 | No | No | EoP |
| CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability | Important | Unknown | No | No | RCE |
| CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 | No | No | RCE |
| CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | Info |
| CVE-2022-34301 * | CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-34302 * | CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-34303 * | CERT/CC: CVE-2022-34303 Crypto Pro Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35760 | Microsoft ATA Port Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33649 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Important | 9.6 | No | No | SFB |
| CVE-2022-33648 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-33631 | Microsoft Excel Security Feature Bypass Vulnerability | Important | 7.3 | No | No | SFB |
| CVE-2022-34692 | Microsoft Exchange Information Disclosure Vulnerability | Important | 5.3 | No | No | Info |
| CVE-2022-21979 | Microsoft Exchange Information Disclosure Vulnerability | Important | 4.8 | No | No | Info |
| CVE-2022-34717 | Microsoft Office Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35762 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35763 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35764 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35765 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35792 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability | Important | 6.7 | No | No | EoP |
| CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35820 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-30144 | Windows Bluetooth Service Remote Code Execution Vulnerability | Important | 7.5 | No | No | RCE |
| CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-34705 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35771 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34704 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34710 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34712 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34709 | Windows Defender Credential Guard Security Feature Bypass Vulnerability | Important | 6 | No | No | SFB |
| CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35795 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34690 | Windows Fax Service Elevation of Privilege Vulnerability | Important | 7.1 | No | No | EoP |
| CVE-2022-35797 | Windows Hello Security Feature Bypass Vulnerability | Important | 6.1 | No | No | SFB |
| CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35761 | Windows Kernel Elevation of Privilege Vulnerability | Important | 8.4 | No | No | EoP |
| CVE-2022-34707 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35768 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34708 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-30197 | Windows Kernel Security Feature Bypass | Important | 7.8 | No | No | SFB |
| CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important | 6.5 | No | No | DoS |
| CVE-2022-34706 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34715 | Windows Network File System Remote Code Execution Vulnerability | Important | 9.8 | No | No | RCE |
| CVE-2022-33670 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34703 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35769 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important | 5.9 | No | No | DoS |
| CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-35793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-34701 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | Important | 5.3 | No | No | DoS |
| CVE-2022-30194 | Windows WebBrowser Control Remote Code Execution Vulnerability | Important | 7.5 | No | No | RCE |
| CVE-2022-34699 | Windows Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33636 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate | 8.3 | No | No | RCE |
| CVE-2022-35796 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Low | 7.5 | No | No | EoP |
| CVE-2022-2603 * | Chromium: CVE-2022-2603 Use after free in Omnibox | High | N/A | No | No | RCE |
| CVE-2022-2604 * | Chromium: CVE-2022-2604 Use after free in Safe Browsing | High | N/A | No | No | RCE |
| CVE-2022-2605 * | Chromium: CVE-2022-2605 Out of bounds read in Dawn | High | N/A | No | No | RCE |
| CVE-2022-2606 * | Chromium: CVE-2022-2606 Use after free in Managed devices API | High | N/A | No | No | RCE |
| CVE-2022-2610 * | Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch | Medium | N/A | No | No | SFB |
| CVE-2022-2611 * | Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API | Medium | N/A | No | No | N/A |
| CVE-2022-2612 * | Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input | Medium | N/A | No | No | Info |
| CVE-2022-2614 * | Chromium: CVE-2022-2614 Use after free in Sign-In Flow | Medium | N/A | No | No | RCE |
| CVE-2022-2615 * | Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies | Medium | N/A | No | No | SFB |
| CVE-2022-2616 * | Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API | Medium | N/A | No | No | N/A |
| CVE-2022-2617 * | Chromium: CVE-2022-2617 Use after free in Extensions API | Medium | N/A | No | No | RCE |
| CVE-2022-2618 * | Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals | Medium | N/A | No | No | Spoofing |
| CVE-2022-2619 * | Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings | Medium | N/A | No | No | Spoofing |
| CVE-2022-2621 * | Chromium: CVE-2022-2621 Use after free in Extensions | Medium | N/A | No | No | RCE |
| CVE-2022-2622 * | Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing | Medium | N/A | No | No | Spoofing |
| CVE-2022-2623 * | Chromium: CVE-2022-2623 Use after free in Offline | Medium | N/A | No | No | RCE |
| CVE-2022-2624 * | Chromium: CVE-2022-2624 Heap buffer overflow in PDF | Medium | N/A | No | No | RCE |
