Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day

Microsoft Patch Tuesday security updates for August 2022 addressed a zero-day attack remote code execution vulnerability in Windows.

Microsoft Patch Tuesday security updates for August 2022 addressed 118 CVEs in multiple products, including .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Fax Service, Role: Windows Hyper-V, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Hello, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, Windows Win32K.

Seventeen vulnerabilities have been rated as critical, the remaining ones are rated Important in severity.

Most of the flaws, 64, are escalation of privilege issues, followed by remote code execution, 31, and 12 information disclosure.

The IT giant addressed a remote code execution vulnerability, tracked as CVE-2022-34713, that resides in the Microsoft Windows Support Diagnostic Tool (MSDT), the flaw has been exploited by threat actors in the wild. An attacker can trigger the flaw by tricking the victims into opening specially crafted files.

Microsoft states that the issue is a variant of the Dogwalk vulnerability that was disclosed in June.

“This bug also allows code execution when MSDT is called using the URL protocol from a calling application, typically Microsoft Word. There is an element of social engineering to this as a threat actor would need to convince a user to click a link or open a document.” reads the description provided by ZDI. “It’s not clear if this vulnerability is the result of a failed patch or something new.”

Three flaws, tracked as CVE-2022-30133, CVE-2022-35744, and CVE-2022-34691, addressed by Microsoft with the release of Microsoft Patch Tuesday security updates for August 2022 are rated as critical and received a CVSS score of 9.8.

The first two flaws, CVE-2022-30133 and CVE-2022-35744, are remote code execution issues that affect the Windows Point-to-Point Protocol (PPP), the third one (CVE-2022-34691) is a privilege escalation issue in Active Directory Domain Services.

Below is the full list of vulnerabilities fixed by Microsoft:

CVE	Title	Severity	CVSS	Public	Exploited	Type
CVE-2022-34713	Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability	Important	7.8	Yes	Yes	RCE
CVE-2022-30134	Microsoft Exchange Server Elevation of Privilege Vulnerability	Important	7.6	Yes	No	EoP
CVE-2022-30133	Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability	Critical	9.8	No	No	RCE
CVE-2022-35744	Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability	Critical	9.8	No	No	RCE
CVE-2022-34691	Active Directory Domain Services Elevation of Privilege Vulnerability	Critical	8.8	No	No	EoP
CVE-2022-33646	Azure Batch Node Agent Remote Code Execution Vulnerability	Critical	7	No	No	RCE
CVE-2022-21980	Microsoft Exchange Server Elevation of Privilege Vulnerability	Critical	8	No	No	EoP
CVE-2022-24477	Microsoft Exchange Server Elevation of Privilege Vulnerability	Critical	8	No	No	EoP
CVE-2022-24516	Microsoft Exchange Server Elevation of Privilege Vulnerability	Critical	8	No	No	EoP
CVE-2022-35752	RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-35753	RAS Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-35804	SMB Client and Server Remote Code Execution Vulnerability	Critical	8.8	No	No	RCE
CVE-2022-34696	Windows Hyper-V Remote Code Execution Vulnerability	Critical	7.8	No	No	RCE
CVE-2022-34702	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-34714	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-35745	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-35766	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-35767	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-35794	Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability	Critical	8.1	No	No	RCE
CVE-2022-34716	.NET Spoofing Vulnerability	Important	5.9	No	No	Spoofing
CVE-2022-34685	Azure RTOS GUIX Studio Information Disclosure Vulnerability	Important	7.8	No	No	Info
CVE-2022-34686	Azure RTOS GUIX Studio Information Disclosure Vulnerability	Important	7.8	No	No	Info
CVE-2022-30175	Azure RTOS GUIX Studio Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-30176	Azure RTOS GUIX Studio Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-34687	Azure RTOS GUIX Studio Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-35773	Azure RTOS GUIX Studio Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-35779	Azure RTOS GUIX Studio Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-35806	Azure RTOS GUIX Studio Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-35776	Azure Site Recovery Denial of Service Vulnerability	Important	6.2	No	No	DoS
CVE-2022-35802	Azure Site Recovery Elevation of Privilege Vulnerability	Important	8.1	No	No	EoP
CVE-2022-35775	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35780	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35781	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35782	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35784	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35785	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35786	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35788	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35789	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35790	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35791	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35799	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35801	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35807	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35808	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35809	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35810	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35811	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35813	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35814	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35815	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35816	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35817	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35818	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35819	Azure Site Recovery Elevation of Privilege Vulnerability	Important	6.5	No	No	EoP
CVE-2022-35774	Azure Site Recovery Elevation of Privilege Vulnerability	Important	4.9	No	No	EoP
CVE-2022-35787	Azure Site Recovery Elevation of Privilege Vulnerability	Important	4.9	No	No	EoP
CVE-2022-35800	Azure Site Recovery Elevation of Privilege Vulnerability	Important	4.9	No	No	EoP
CVE-2022-35783	Azure Site Recovery Elevation of Privilege Vulnerability	Important	4.4	No	No	EoP
CVE-2022-35812	Azure Site Recovery Elevation of Privilege Vulnerability	Important	4.4	No	No	EoP
CVE-2022-35824	Azure Site Recovery Remote Code Execution Vulnerability	Important	Unknown	No	No	RCE
CVE-2022-35772	Azure Site Recovery Remote Code Execution Vulnerability	Important	7.2	No	No	RCE
CVE-2022-35821	Azure Sphere Information Disclosure Vulnerability	Important	4.4	No	No	Info
CVE-2022-34301 *	CERT/CC: CVE-2022-34301 Eurosoft Boot Loader Bypass	Important	N/A	No	No	SFB
CVE-2022-34302 *	CERT/CC: CVE-2022-34302 New Horizon Data Systems Inc Boot Loader Bypass	Important	N/A	No	No	SFB
CVE-2022-34303 *	CERT/CC: CVE-20220-34303 Crypto Pro Boot Loader Bypass	Important	N/A	No	No	SFB
CVE-2022-35748	HTTP.sys Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2022-35760	Microsoft ATA Port Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-33649	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability	Important	9.6	No	No	SFB
CVE-2022-33648	Microsoft Excel Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-33631	Microsoft Excel Security Feature Bypass Vulnerability	Important	7.3	No	No	SFB
CVE-2022-34692	Microsoft Exchange Information Disclosure Vulnerability	Important	5.3	No	No	Info
CVE-2022-21979	Microsoft Exchange Information Disclosure Vulnerability	Important	4.8	No	No	Info
CVE-2022-34717	Microsoft Office Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2022-35742	Microsoft Outlook Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2022-35743	Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability	Important	7.8	No	No	RCE
CVE-2022-35762	Storage Spaces Direct Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35763	Storage Spaces Direct Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35764	Storage Spaces Direct Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35765	Storage Spaces Direct Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35792	Storage Spaces Direct Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-33640	System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35754	Unified Write Filter Elevation of Privilege Vulnerability	Important	6.7	No	No	EoP
CVE-2022-35777	Visual Studio Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2022-35825	Visual Studio Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2022-35826	Visual Studio Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2022-35827	Visual Studio Remote Code Execution Vulnerability	Important	8.8	No	No	RCE
CVE-2022-35750	Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35820	Windows Bluetooth Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-30144	Windows Bluetooth Service Remote Code Execution Vulnerability	Important	7.5	No	No	RCE
CVE-2022-35757	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	Important	7.3	No	No	EoP
CVE-2022-34705	Windows Defender Credential Guard Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35771	Windows Defender Credential Guard Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-34704	Windows Defender Credential Guard Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2022-34710	Windows Defender Credential Guard Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2022-34712	Windows Defender Credential Guard Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2022-34709	Windows Defender Credential Guard Security Feature Bypass Vulnerability	Important	6	No	No	SFB
CVE-2022-35746	Windows Digital Media Receiver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35749	Windows Digital Media Receiver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35795	Windows Error Reporting Service Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-34690	Windows Fax Service Elevation of Privilege Vulnerability	Important	7.1	No	No	EoP
CVE-2022-35797	Windows Hello Security Feature Bypass Vulnerability	Important	6.1	No	No	SFB
CVE-2022-35751	Windows Hyper-V Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35756	Windows Kerberos Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35761	Windows Kernel Elevation of Privilege Vulnerability	Important	8.4	No	No	EoP
CVE-2022-34707	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35768	Windows Kernel Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-34708	Windows Kernel Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2022-35758	Windows Kernel Memory Information Disclosure Vulnerability	Important	5.5	No	No	Info
CVE-2022-30197	Windows Kernel Security Feature Bypass	Important	7.8	No	No	SFB
CVE-2022-35759	Windows Local Security Authority (LSA) Denial of Service Vulnerability	Important	6.5	No	No	DoS
CVE-2022-34706	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-34715	Windows Network File System Remote Code Execution Vulnerability	Important	9.8	No	No	RCE
CVE-2022-33670	Windows Partition Management Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-34703	Windows Partition Management Driver Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-35769	Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability	Important	7.5	No	No	DoS
CVE-2022-35747	Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability	Important	5.9	No	No	DoS
CVE-2022-35755	Windows Print Spooler Elevation of Privilege Vulnerability	Important	7.3	No	No	EoP
CVE-2022-35793	Windows Print Spooler Elevation of Privilege Vulnerability	Important	7.3	No	No	EoP
CVE-2022-34701	Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability	Important	5.3	No	No	DoS
CVE-2022-30194	Windows WebBrowser Control Remote Code Execution Vulnerability	Important	7.5	No	No	RCE
CVE-2022-34699	Windows Win32k Elevation of Privilege Vulnerability	Important	7.8	No	No	EoP
CVE-2022-33636	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability	Moderate	8.3	No	No	RCE
CVE-2022-35796	Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability	Low	7.5	No	No	EoP
CVE-2022-2603 *	Chromium: CVE-2022-2603 Use after free in Omnibox	High	N/A	No	No	RCE
CVE-2022-2604 *	Chromium: CVE-2022-2604 Use after free in Safe Browsing	High	N/A	No	No	RCE
CVE-2022-2605 *	Chromium: CVE-2022-2605 Out of bounds read in Dawn	High	N/A	No	No	RCE
CVE-2022-2606 *	Chromium: CVE-2022-2606 Use after free in Managed devices API	High	N/A	No	No	RCE
CVE-2022-2610 *	Chromium: CVE-2022-2610 Insufficient policy enforcement in Background Fetch	Medium	N/A	No	No	SFB
CVE-2022-2611 *	Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API	Medium	N/A	No	No	N/A
CVE-2022-2612 *	Chromium: CVE-2022-2612 Side-channel information leakage in Keyboard input	Medium	N/A	No	No	Info
CVE-2022-2614 *	Chromium: CVE-2022-2614 Use after free in Sign-In Flow	Medium	N/A	No	No	RCE
CVE-2022-2615 *	Chromium: CVE-2022-2615 Insufficient policy enforcement in Cookies	Medium	N/A	No	No	SFB
CVE-2022-2616 *	Chromium: CVE-2022-2616 Inappropriate implementation in Extensions API	Medium	N/A	No	No	N/A
CVE-2022-2617 *	Chromium: CVE-2022-2617 Use after free in Extensions API	Medium	N/A	No	No	RCE
CVE-2022-2618 *	Chromium: CVE-2022-2618 Insufficient validation of untrusted input in Internals	Medium	N/A	No	No	Spoofing
CVE-2022-2619 *	Chromium: CVE-2022-2619 Insufficient validation of untrusted input in Settings	Medium	N/A	No	No	Spoofing
CVE-2022-2621 *	Chromium: CVE-2022-2621 Use after free in Extensions	Medium	N/A	No	No	RCE
CVE-2022-2622 *	Chromium: CVE-2022-2622 Insufficient validation of untrusted input in Safe Browsing	Medium	N/A	No	No	Spoofing
CVE-2022-2623 *	Chromium: CVE-2022-2623 Use after free in Offline	Medium	N/A	No	No	RCE
CVE-2022-2624 *	Chromium: CVE-2022-2624 Heap buffer overflow in PDF	Medium	N/A	No	No	RCE

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Microsoft Patch Tuesday)

The post Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day appeared first on Security Affairs.