Patch Tuesday is back. With a grand total of 121 vulnerabilities; 17 Critical, 2 publicly disclosed and 1 exploited in the wild, this looks to be the busiest patch Tuesday we have had in months. Elevation of privilege and remote code execution continue to be the leaders in classification with 64 and 31 respectively. With such a high number of total vulnerabilities as well as the proportion that are critical it is unusual to see publicly disclosed and exploited in the wild so low.
August’s instalment includes patches for some key software such as:
CVE-2022-34713: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
With a CVSS of 7.8 and labelled as important. This is the only vulnerability this month to be publicly disclosed and seen in the wild. This vulnerability requires a user to open a specially crafted file. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability.
CVE-2022-30134: Microsoft Exchange Information Disclosure Vulnerability
This important vulnerability is the second vulnerability to be publicly disclosed. With a score of 7.8, this vulnerability could allow an attacker to read targeted email messages if the victim is persuaded to connect to a malicious server. Customers vulnerable to this issue would need to enable Extended Protection in order to prevent this attack.
CVE-2022-34691: Active Directory Domain Services Elevation of Privilege Vulnerability
This critical vulnerability with a score of 8.8 could allow an authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow elevation of privilege to System.
31 Elevation of Privilege Vulnerabilities: Azure Site Recovery
Azure Site Recovery is a service that is used for disaster recovery. With a massive 31 separate vulnerabilities to do with this service scoring from 4.4 to 8.1, this offers a serious threat to organisations using this service.
For a full list of this month’s updates please see the links below:
Patch Tuesday release notes: https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug
Security update guide: https://msrc.microsoft.com/update-guide/
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
