From Defender to Windows, Office to Azure, this month’s Patch Tuesday has a large swath of Microsoft’s portfolio getting vulnerabilities fixed. 119 CVEs were addressed today, not including the 26 Chromium vulnerabilities that were fixed in the Edge browser.
One of these has been observed being exploited in the wild: CVE-2022-24521, reported to Microsoft by the National Security Agency, affects the Common Log File System Driver in all supported versions of Windows and allows attackers to gain additional privileges on a system they already have local access to. Another local privilege escalation (LPE), CVE-2022-26904, which affects the Windows User Profile Service, had been publicly disclosed but not reported as already being exploited – it’s harder for attackers to leverage as it relies on winning a race condition, which can be tricky to reliably achieve.
LPEs don’t always get the same attention that remote code execution (RCE) vulnerabilities do, but they can be a great help to attackers after they gain an initial foothold. These two categories dominate this month’s vulnerabilities, with 55 LPEs and 47 RCEs getting patched. 10 of the RCEs are considered “Critical,” affecting Windows Hyper-V (CVE-2022-22008, CVE-2022-23257, CVE-2022-24537); Windows SMB Client (CVE-2022-24500, CVE-2022-24541); Windows Network File System (CVE-2022-24491 and CVE-2022-24497); LDAP (CVE-2022-26919); Microsoft Dynamics (CVE-2022-23259); and the Windows RPC Runtime (CVE-2022-26809).
On the Office side of the house, Skype for Business Server was patched for spoofing (CVE-2022-26910) and information disclosure (CVE-2022-26911) vulnerabilities. Two RCEs affecting Excel (CVE-2022-24473 and CVE-2022-26901) were fixed, as well as a spoofing vulnerability in SharePoint Server (CVE-2022-24472).
With so many vulnerabilities to manage, it can be difficult to prioritize. Thankfully, most of this month’s CVEs can be addressed by patching the core OS. Administrators should first focus on updating any public-facing servers before moving on to internal servers and then client systems. The SMB Client vulnerabilities can also be mitigated by blocking port 445/tcp at the network perimeter – victims need to be enticed to connect to a malicious SMB server, and this would help against Internet-based attackers. Of course, this won’t help much if the malicious system was set up within the perimeter.
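To check that the 445/tcp perimeter block described above is actually in effect, the following added example (not from the original post) audits flow records for outbound SMB and separates external destinations that were allowed, external destinations that were blocked, and internal destinations the perimeter rule cannot cover. The log format, the sample records and the internal address ranges are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: these ranges are "inside the perimeter"; replace with your own.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed flow records: timestamp src dst dst_port proto action
SAMPLE_FLOWS = """\
2022-04-12T09:14:02Z 10.1.4.23 203.0.113.50 445 tcp ALLOW
2022-04-12T09:14:05Z 10.1.4.23 10.1.9.8 445 tcp ALLOW
2022-04-12T09:15:11Z 10.1.7.60 198.51.100.7 445 tcp DENY
2022-04-12T09:16:40Z 10.1.4.31 203.0.113.50 443 tcp ALLOW
2022-04-12T09:17:03Z 192.168.20.5 172.16.3.9 445 tcp ALLOW
malformed line
2022-04-12T09:18:00Z fd00::40 2001:db8::10 445 tcp ALLOW
"""


def is_internal(ip):
    """True if the address falls in one of the configured internal ranges."""
    return any(ip in net for net in INTERNAL_NETS)


def audit_outbound_smb(text):
    """Classify outbound 445/tcp flows that originate from internal hosts."""
    report = {"allowed_external": [], "blocked_external": [],
              "internal": [], "skipped": 0}
    for line in text.splitlines():
        try:
            ts, src, dst, port, proto, action = line.split()
            src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:  # wrong field count, bad address or bad port
            report["skipped"] += 1
            continue
        if port != 445 or proto.lower() != "tcp" or not is_internal(src):
            continue
        entry = (ts, str(src), str(dst))
        if is_internal(dst):
            # The perimeter block never sees this flow; patching is the control.
            report["internal"].append(entry)
        elif action.upper() == "ALLOW":
            # Gap: SMB left the perimeter despite the intended block.
            report["allowed_external"].append(entry)
        else:
            # Block worked, but the client still tried to reach an outside server.
            report["blocked_external"].append(entry)
    return report


if __name__ == "__main__":
    for bucket, rows in audit_outbound_smb(SAMPLE_FLOWS).items():
        print(bucket, rows)
```

Entries under `allowed_external` point to a missing or bypassed perimeter rule, while `blocked_external` entries identify clients worth a closer look even though the connection failed.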
For any readers who enjoy deeper dives into vulnerabilities and exploits, Rapid7’s Jake Baines has a technical writeup of CVE-2022-24527, an LPE he discovered in the Connected Cache component of Microsoft Endpoint Manager that got fixed today. Check it out!
Summary tables
Azure Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-26898 | Azure Site Recovery Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26896 | Azure Site Recovery Information Disclosure Vulnerability | No | No | 4.9 | Yes |
| CVE-2022-26897 | Azure Site Recovery Information Disclosure Vulnerability | No | No | 4.9 | Yes |
| CVE-2022-26907 | Azure SDK for .NET Information Disclosure Vulnerability | No | No | 5.3 | Yes |
Browser Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-24523 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | No | No | 4.3 | Yes |
| CVE-2022-24475 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26891 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26894 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26895 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26900 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26908 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26909 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-26912 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | No | No | 8.3 | Yes |
| CVE-2022-1232 | Chromium: CVE-2022-1232 Type Confusion in V8 | No | No | N/A | Yes |
| CVE-2022-1146 | Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing | No | No | N/A | Yes |
| CVE-2022-1145 | Chromium: CVE-2022-1145 Use after free in Extensions | No | No | N/A | Yes |
| CVE-2022-1143 | Chromium: CVE-2022-1143 Heap buffer overflow in WebUI | No | No | N/A | Yes |
| CVE-2022-1139 | Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API | No | No | N/A | Yes |
| CVE-2022-1138 | Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor | No | No | N/A | Yes |
| CVE-2022-1137 | Chromium: CVE-2022-1137 Inappropriate implementation in Extensions | No | No | N/A | Yes |
| CVE-2022-1136 | Chromium: CVE-2022-1136 Use after free in Tab Strip | No | No | N/A | Yes |
| CVE-2022-1135 | Chromium: CVE-2022-1135 Use after free in Shopping Cart | No | No | N/A | Yes |
| CVE-2022-1134 | Chromium: CVE-2022-1134 Type Confusion in V8 | No | No | N/A | Yes |
| CVE-2022-1133 | Chromium: CVE-2022-1133 Use after free in WebRTC | No | No | N/A | Yes |
| CVE-2022-1131 | Chromium: CVE-2022-1131 Use after free in Cast UI | No | No | N/A | Yes |
| CVE-2022-1130 | Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP | No | No | N/A | Yes |
| CVE-2022-1129 | Chromium: CVE-2022-1129 Inappropriate implementation in Full Screen Mode | No | No | N/A | Yes |
| CVE-2022-1128 | Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API | No | No | N/A | Yes |
| CVE-2022-1127 | Chromium: CVE-2022-1127 Use after free in QR Code Generator | No | No | N/A | Yes |
| CVE-2022-1125 | Chromium: CVE-2022-1125 Use after free in Portals | No | No | N/A | Yes |
Developer Tools Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-26924 | YARP Denial of Service Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-24513 | Visual Studio Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26921 | Visual Studio Code Elevation of Privilege Vulnerability | No | No | 7.3 | No |
| CVE-2022-24765 | GitHub: Uncontrolled search for the Git directory in Git for Windows | No | No | N/A | Yes |
| CVE-2022-24767 | GitHub: Git for Windows’ uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account | No | No | N/A | Yes |
| CVE-2022-26832 | .NET Framework Denial of Service Vulnerability | No | No | 7.5 | No |
Microsoft Dynamics Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-23259 | Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
Microsoft Office Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-26910 | Skype for Business and Lync Spoofing Vulnerability | No | No | 5.3 | Yes |
| CVE-2022-26911 | Skype for Business Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-24472 | Microsoft SharePoint Server Spoofing Vulnerability | No | No | 8 | Yes |
| CVE-2022-24473 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-26901 | Microsoft Excel Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
SQL Server Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-23292 | Microsoft Power BI Spoofing Vulnerability | No | No | 5.9 | Yes |
System Center Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-24548 | Microsoft Defender Denial of Service Vulnerability | No | No | 5.5 | Yes |
Windows Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-24543 | Windows Upgrade Assistant Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24550 | Windows Telephony Server Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26786 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26789 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26791 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26793 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26795 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24491 | Windows Network File System Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2022-24497 | Windows Network File System Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2022-24487 | Windows Local Security Authority (LSA) Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-24483 | Windows Kernel Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-24545 | Windows Kerberos Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-24486 | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24490 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-24539 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-26783 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-26785 | Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-23257 | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-22008 | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24537 | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-22009 | Windows Hyper-V Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-23268 | Windows Hyper-V Denial of Service Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-26920 | Windows Graphics Component Information Disclosure Vulnerability | No | No | 5.5 | Yes |
| CVE-2022-26808 | Windows File Explorer Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24495 | Windows Direct Show - Remote Code Execution Vulnerability | No | No | 7 | Yes |
| CVE-2022-24547 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24488 | Windows Desktop Bridge Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24546 | Windows DWM Core Library Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26811 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26823 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26824 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26825 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26826 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26814 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26817 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26818 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26816 | Windows DNS Server Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-24538 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | No | No | 6.5 | No |
| CVE-2022-26784 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | No | No | 6.5 | No |
| CVE-2022-24484 | Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability | No | No | 5.5 | No |
| CVE-2022-26828 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24549 | Windows AppX Package Manager Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24482 | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-26914 | Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26788 | PowerShell Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24496 | Local Security Authority (LSA) Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24532 | HEVC Video Extensions Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-26830 | DiskUsage.exe Remote Code Execution Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-24479 | Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24489 | Cluster Client Failover (CCF) Elevation of Privilege Vulnerability | No | No | 7.8 | No |
Windows ESU Vulnerabilities
| CVE | Title | Exploited? | Publicly disclosed? | CVSSv3 base score | Has FAQ? |
| --- | --- | --- | --- | --- | --- |
| CVE-2022-24498 | Windows iSCSI Target Service Information Disclosure Vulnerability | No | No | 6.5 | Yes |
| CVE-2022-26807 | Windows Work Folder Service Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-24474 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24542 | Windows Win32k Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26904 | Windows User Profile Service Elevation of Privilege Vulnerability | No | Yes | 7 | Yes |
| CVE-2022-24541 | Windows Server Service Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-26915 | Windows Secure Channel Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2022-24500 | Windows SMB Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-26787 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26790 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26792 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26794 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26796 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26797 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26798 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26801 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26802 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26803 | Windows Print Spooler Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26919 | Windows LDAP Remote Code Execution Vulnerability | No | No | 8.1 | Yes |
| CVE-2022-26831 | Windows LDAP Denial of Service Vulnerability | No | No | 7.5 | No |
| CVE-2022-24544 | Windows Kerberos Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24530 | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24499 | Windows Installer Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26903 | Windows Graphics Component Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-26810 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-26827 | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-26916 | Windows Fax Compose Form Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-26917 | Windows Fax Compose Form Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-26918 | Windows Fax Compose Form Remote Code Execution Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-24527 | Windows Endpoint Configuration Manager Elevation of Privilege Vulnerability | No | No | 7.8 | Yes |
| CVE-2022-26812 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26813 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-24536 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26815 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 7.2 | Yes |
| CVE-2022-26819 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26820 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26821 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26822 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-26829 | Windows DNS Server Remote Code Execution Vulnerability | No | No | 6.6 | Yes |
| CVE-2022-24521 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Yes | No | 7.8 | No |
| CVE-2022-24481 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24494 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | No | No | 7.8 | No |
| CVE-2022-24540 | Windows ALPC Elevation of Privilege Vulnerability | No | No | 7 | Yes |
| CVE-2022-21983 | Win32 Stream Enumeration Remote Code Execution Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-24534 | Win32 Stream Enumeration Remote Code Execution Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-24485 | Win32 File Enumeration Remote Code Execution Vulnerability | No | No | 7.5 | Yes |
| CVE-2022-26809 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 9.8 | Yes |
| CVE-2022-24528 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-24492 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | No | No | 8.8 | Yes |
| CVE-2022-24533 | Remote Desktop Protocol Remote Code Execution Vulnerability | No | No | 8 | Yes |
| CVE-2022-24493 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | No | No | 5.5 | Yes |