microsoft has released its Patch Tuesday for August 2022 to fix 121 security flaws that have been found in its products, which include things like Exchange Server as well as classic Windows and Office.
Of the 121 security flaws patched, 17 marked critical, 102 important, 1 as moderate and 1 as low risk. Of all of them, only two were publicly known at the time of the patch release. It’s important to note that Microsoft Edge, the Chromium-based web browser, is in a different league having had a separate 25 bug fixes between the end of July and the end of last week.
The Redmond giant, of everything patched, has stood out a vulnerability that opened the door to remote code execution via Microsoft Performance and Resource Monitor (MSDT), a Windows tool that generates a report of the status of local hardware resources, system response times, and local computer processes along with system information and configuration data. Exploitation of the vulnerability required the user to open a file specifically created for that purpose, which is why techniques such as phishing and deception are introduced by downloading a file hosted on a malicious website or via email.
The remote code execution found in MSDT, identified as CVE-2022-34713, is not the only vulnerability found in the tool, as Microsoft has patched another of the same type identified as CVE-2022-35743.
Continuing with the remote executions, we find fixes for this type of vulnerability applied to Windows Point-to-Point Protocol (PPP), Windows Secure Sockets Tunneling Protocol (SSTP), Azure RTOS GUIX Studio, Microsoft Office and the Hyper-V hypervisor included in the Windows operating system.
Another type of vulnerability with protagonism are the privilege escalations. Three such vulnerabilities have been found in the Exchange Server (CVE-2022-21980, CVE-2022-24477 and CVE-2022-24516) that, when exploited, could be used to read specific email messages and download the attached files they contained. On the other hand, a publicly known security flaw (CVE-2022-30134) has been patched in the same component, which opened the door to doing the same.
The Tuesday Patch is responsible for correcting dozens of security flaws consisting of privilege escalations, 31 of which were found in Azure Site Recovery. This is in addition to what the company did a month ago, when it fixed thirty similar flaws in the Business Continuity Service, five in Storage Spaces Direct, three in the Windows kernel itself, and two in the Print Spooler module.
The publication of these types of patches to fix a large number of vulnerabilities in batches are common among software solutions that reach a certain size. They also exist, although possibly published under other formats and with other cadences, for Linux distributions, Android, Adobe solutions, Intel products, etc.
