Big Tuesday of patches from Microsoft

Microsoft published various updates to their products that contained 79 patches. Let's skim through the most prominent ones.

Almost all major OSs from Microsoft were highly affected by this massive patch. Around 40 CVEs were fixed for each of the following products:

  • Windows Server 2022 (Server Core installation)
  • Windows Server 2022
  • Windows Server 2019 (Server Core installation)
  • Windows Server 2016
  • Windows Server 2016 (Server Core installation)
  • Windows 11 for ARM64-based Systems
  • Windows Server 2022 Azure Edition Core Hotpatch
  • Windows 11 for x64-based Systems
  • Windows Server 2012 R2 (Server Core installation)
  • Windows Server 2012 R2
  • Windows 10 Version 1809 for x64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 20H2 for 32-bit Systems
  • Windows 10 Version 20H2 for x64-based Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 10 Version 20H2 for ARM64-based Systems
  • Windows 10 Version 21H1 for ARM64-based Systems
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows 10 Version 21H1 for 32-bit Systems
  • Windows 10 Version 21H1 for x64-based Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows 10 Version 1607 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012 (Server Core installation)
  • Windows 10 for 32-bit Systems
  • Windows Server 2012

The distribution of impacts among different product looks like this:

  • Remote Code Execution was fixed in 79 products
  • Denial of Service - 48
  • Elevation of Privilege - 44
  • Information Disclosure - 40
  • Security Feature Bypass - 9

The list of top CVEs widespread in Microsoft products affected (in brackets - number of platforms and products affected):

  • CVE-2022-26929: .NET Framework Remote Code Execution Vulnerability (115)
  • CVE-2022-35803: Windows Common Log File System Driver Elevation of Privilege Vulnerability (54)
  • CVE-2022-38006: Windows Graphics Component Information Disclosure Vulnerability (54)
  • CVE-2022-38005: Windows Print Spooler Elevation of Privilege Vulnerability (54)
  • CVE-2022-37956: Windows Kernel Elevation of Privilege Vulnerability (54)
  • CVE-2022-37955: Windows Group Policy Elevation of Privilege Vulnerability (54)
  • CVE-2022-34734: Microsoft ODBC Driver Remote Code Execution Vulnerability (54)
  • CVE-2022-34733: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (54)
  • CVE-2022-34729: Windows GDI Elevation of Privilege Vulnerability (54)
  • CVE-2022-34722: Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability (54)
  • CVE-2022-34720: Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability (54)
  • CVE-2022-34718: Windows TCP/IP Remote Code Execution Vulnerability (54)
  • CVE-2022-34719: Windows Distributed File System (DFS) Elevation of Privilege Vulnerability (54)
  • CVE-2022-30200: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (54)
  • CVE-2022-30170: Windows Credential Roaming Service Elevation of Privilege Vulnerability (54)
  • CVE-2022-38004: Windows Fax Service Remote Code Execution Vulnerability (53)
  • CVE-2022-37958: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability (46)
  • CVE-2022-35833: Windows Secure Channel Denial of Service Vulnerability (46)
  • CVE-2022-35832: Windows Event Tracing Denial of Service Vulnerability (42)
  • CVE-2022-34725: Windows ALPC Elevation of Privilege Vulnerability (38)
  • CVE-2022-35831: Windows Remote Access Connection Manager Information Disclosure Vulnerability (34)
  • CVE-2022-34724: Windows DNS Server Denial of Service Vulnerability (27)
  • CVE-2022-35830: Remote Procedure Call Runtime Remote Code Execution Vulnerability (27)
  • CVE-2022-33679: Windows Kerberos Elevation of Privilege Vulnerability (27)
  • CVE-2022-35841: Windows Enterprise App Management Service Remote Code Execution Vulnerability (25)
  • CVE-2022-26928: Windows Photo Import API Elevation of Privilege Vulnerability (24)
  • CVE-2022-38011: Raw Image Extension Remote Code Execution Vulnerability (19)
  • CVE-2022-37954: DirectX Graphics Kernel Elevation of Privilege Vulnerability (19)
  • CVE-2022-37962: Microsoft PowerPoint Remote Code Execution Vulnerability (13)
  • CVE-2022-37959: Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability (11)
  • CVE-2022-38010: Microsoft Office Visio Remote Code Execution Vulnerability (10)
  • CVE-2022-38013: .NET Core and Visual Studio Denial of Service Vulnerability (8)
  • CVE-2022-35838: HTTP V3 Denial of Service Vulnerability (5)
  • CVE-2022-38007: Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability (2)
  • CVE-2022-34723: Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability (2)
  • CVE-2022-34700: Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability (2)
  • CVE-2022-35828: Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability (1)
  • CVE-2022-23960: Arm: Cache Speculation Restriction Vulnerability (1)
  • CVE-2022-38019: AV1 Video Extension Remote Code Execution Vulnerability (1)

Useful Links