Pierluigi Paganini
August 09, 2022
Microsoft Patch Tuesday security updates for August 2022 addressed 118 CVEs in multiple products, including .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Fax Service, Role: Windows Hyper-V, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Hello, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, Windows Win32K.
Seventeen vulnerabilities have been rated as critical, the remaining ones are rated Important in severity.
Most of the flaws, 64, are escalation of privilege issues, followed by remote code execution, 31, and 12 information disclosure.
The IT giant addressed a remote code execution vulnerability, tracked as CVE-2022-34713, that resides in the Microsoft Windows Support Diagnostic Tool (MSDT), the flaw has been exploited by threat actors in the wild. An attacker can trigger the flaw by tricking the victims into opening specially crafted files.
Microsoft states that the issue is a variant of the Dogwalk vulnerability that was disclosed in June.
“This bug also allows code execution when MSDT is called using the URL protocol from a calling application, typically Microsoft Word. There is an element of social engineering to this as a threat actor would need to convince a user to click a link or open a document.” reads the description provided by ZDI. “It’s not clear if this vulnerability is the result of a failed patch or something new.”
Three flaws, tracked as CVE-2022-30133, CVE-2022-35744, and CVE-2022-34691, addressed by Microsoft with the release of Microsoft Patch Tuesday security updates for August 2022 are rated as critical and received a CVSS score of 9.8.
The first two flaws, CVE-2022-30133 and CVE-2022-35744, are remote code execution issues that affect the Windows Point-to-Point Protocol (PPP), the third one (CVE-2022-34691) is a privilege escalation issue in Active Directory Domain Services.
Below is the full list of vulnerabilities fixed by Microsoft:
| CVE | Title | Severity | CVSS | Public | Exploited | Type |
| CVE-2022-34713 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important | 7.8 | Yes | Yes | RCE |
| CVE-2022-30134 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important | 7.6 | Yes | No | EoP |
| CVE-2022-30133 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2022-35744 | Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability | Critical | 9.8 | No | No | RCE |
| CVE-2022-34691 | Active Directory Domain Services Elevation of Privilege Vulnerability | Critical | 8.8 | No | No | EoP |
| CVE-2022-33646 | Azure Batch Node Agent Remote Code Execution Vulnerability | Critical | 7 | No | No | RCE |
| CVE-2022-21980 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-24477 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-24516 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Critical | 8 | No | No | EoP |
| CVE-2022-35752 | RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35753 | RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35804 | SMB Client and Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | RCE |
| CVE-2022-34696 | Windows Hyper-V Remote Code Execution Vulnerability | Critical | 7.8 | No | No | RCE |
| CVE-2022-34702 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-34714 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35745 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35766 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35767 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-35794 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
| CVE-2022-34716 | .NET Spoofing Vulnerability | Important | 5.9 | No | No | Spoofing |
| CVE-2022-34685 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 | No | No | Info |
| CVE-2022-34686 | Azure RTOS GUIX Studio Information Disclosure Vulnerability | Important | 7.8 | No | No | Info |
| CVE-2022-30175 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-30176 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-34687 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35773 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35779 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35806 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35776 | Azure Site Recovery Denial of Service Vulnerability | Important | 6.2 | No | No | DoS |
| CVE-2022-35802 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 8.1 | No | No | EoP |
| CVE-2022-35775 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35780 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35781 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35782 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35784 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35785 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35786 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35788 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35789 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35790 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35791 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35799 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35801 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35807 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35808 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35809 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35810 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35811 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35813 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35814 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35815 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35816 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35817 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35818 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35819 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 6.5 | No | No | EoP |
| CVE-2022-35774 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35787 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35800 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.9 | No | No | EoP |
| CVE-2022-35783 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 | No | No | EoP |
| CVE-2022-35812 | Azure Site Recovery Elevation of Privilege Vulnerability | Important | 4.4 | No | No | EoP |
| CVE-2022-35824 | Azure Site Recovery Remote Code Execution Vulnerability | Important | Unknown | No | No | RCE |
| CVE-2022-35772 | Azure Site Recovery Remote Code Execution Vulnerability | Important | 7.2 | No | No | RCE |
| CVE-2022-35821 | Azure Sphere Information Disclosure Vulnerability | Important | 4.4 | No | No | Info |
| CVE-2022-34301 * | CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-34302 * | CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-34303 * | CERT/CC: CVE-20220-34303 Crypto Pro Boot Loader Bypass | Important | N/A | No | No | SFB |
| CVE-2022-35748 | HTTP.sys Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35760 | Microsoft ATA Port Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33649 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Important | 9.6 | No | No | SFB |
| CVE-2022-33648 | Microsoft Excel Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-33631 | Microsoft Excel Security Feature Bypass Vulnerability | Important | 7.3 | No | No | SFB |
| CVE-2022-34692 | Microsoft Exchange Information Disclosure Vulnerability | Important | 5.3 | No | No | Info |
| CVE-2022-21979 | Microsoft Exchange Information Disclosure Vulnerability | Important | 4.8 | No | No | Info |
| CVE-2022-34717 | Microsoft Office Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35743 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
| CVE-2022-35762 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35763 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35764 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35765 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35792 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35754 | Unified Write Filter Elevation of Privilege Vulnerability | Important | 6.7 | No | No | EoP |
| CVE-2022-35777 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35825 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35826 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35827 | Visual Studio Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
| CVE-2022-35750 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35820 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-30144 | Windows Bluetooth Service Remote Code Execution Vulnerability | Important | 7.5 | No | No | RCE |
| CVE-2022-35757 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-34705 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35771 | Windows Defender Credential Guard Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34704 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34710 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34712 | Windows Defender Credential Guard Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-34709 | Windows Defender Credential Guard Security Feature Bypass Vulnerability | Important | 6 | No | No | SFB |
| CVE-2022-35746 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35749 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35795 | Windows Error Reporting Service Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34690 | Windows Fax Service Elevation of Privilege Vulnerability | Important | 7.1 | No | No | EoP |
| CVE-2022-35797 | Windows Hello Security Feature Bypass Vulnerability | Important | 6.1 | No | No | SFB |
| CVE-2022-35751 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35756 | Windows Kerberos Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35761 | Windows Kernel Elevation of Privilege Vulnerability | Important | 8.4 | No | No | EoP |
| CVE-2022-34707 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35768 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34708 | Windows Kernel Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-35758 | Windows Kernel Memory Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
| CVE-2022-30197 | Windows Kernel Security Feature Bypass | Important | 7.8 | No | No | SFB |
| CVE-2022-35759 | Windows Local Security Authority (LSA) Denial of Service Vulnerability | Important | 6.5 | No | No | DoS |
| CVE-2022-34706 | Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34715 | Windows Network File System Remote Code Execution Vulnerability | Important | 9.8 | No | No | RCE |
| CVE-2022-33670 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-34703 | Windows Partition Management Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-35769 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important | 7.5 | No | No | DoS |
| CVE-2022-35747 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | Important | 5.9 | No | No | DoS |
| CVE-2022-35755 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-35793 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.3 | No | No | EoP |
| CVE-2022-34701 | Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability | Important | 5.3 | No | No | DoS |
| CVE-2022-30194 | Windows WebBrowser Control Remote Code Execution Vulnerability | Important | 7.5 | No | No | RCE |
| CVE-2022-34699 | Windows Win32k Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
| CVE-2022-33636 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | Moderate | 8.3 | No | No | RCE |
| CVE-2022-35796 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Low | 7.5 | No | No | EoP |
| CVE-2022-2603 * | Chromium: CVE-2022-2603 Use after free in Omnibox | High | N/A | No | No | RCE |
| CVE-2022-2604 * | Chromium: CVE-2022-2604 Use after free in Safe Browsing | High | N/A | No | No | RCE |
| CVE-2022-2605 * | Chromium: CVE-2022-2605 Out of bounds read in Dawn | High | N/A | No | No | RCE |
| CVE-2022-2606 * | Chromium: CVE-2022-2606 Use after free in Managed devices API | High | N/A | No | No | RCE |
| CVE-2022-2610 * | Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch | Medium | N/A | No | No | SFB |
| CVE-2022-2611 * | Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API | Medium | N/A | No | No | N/A |
| CVE-2022-2612 * | Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input | Medium | N/A | No | No | Info |
| CVE-2022-2614 * | Chromium: CVE-2022-2614 Use after free in Sign-In Flow | Medium | N/A | No | No | RCE |
| CVE-2022-2615 * | Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies | Medium | N/A | No | No | SFB |
| CVE-2022-2616 * | Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API | Medium | N/A | No | No | N/A |
| CVE-2022-2617 * | Chromium: CVE-2022-2617 Use after free in Extensions API | Medium | N/A | No | No | RCE |
| CVE-2022-2618 * | Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals | Medium | N/A | No | No | Spoofing |
| CVE-2022-2619 * | Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings | Medium | N/A | No | No | Spoofing |
| CVE-2022-2621 * | Chromium: CVE-2022-2621 Use after free in Extensions | Medium | N/A | No | No | RCE |
| CVE-2022-2622 * | Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing | Medium | N/A | No | No | Spoofing |
| CVE-2022-2623 * | Chromium: CVE-2022-2623 Use after free in Offline | Medium | N/A | No | No | RCE |
| CVE-2022-2624 * | Chromium: CVE-2022-2624 Heap buffer overflow in PDF | Medium | N/A | No | No | RCE |
Follow me on Twitter: @securityaffairs and Facebook
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Microsoft Patch Tuesday)
[adrotate banner=”5″]
[adrotate banner=”13″]
