
- 178/2022
- Critical
Microsoft has released its monthly patch of security updates, known as Patch Tuesday, which fixes two zero-day vulnerabilities, one of which is actively exploited and known as “DogWalk”, and several critical Exchange vulnerabilities.
Microsoft has fixed 121 vulnerabilities (not including Microsoft Edge vulnerabilities), with 17 classified as Critical as they allow remote code execution or elevation of privileges.
August’s Patch Tuesday was released to fix security flaws in products such as Active Directory Domain Services, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Windows Support Diagnostic Tool (MSDT), Windows Point-to-Point Tunneling Protocol, Windows Hyper-V, Windows Kernel, Windows Local Security Authority (LSA), and Windows Secure Boot.
The actively exploited “DogWalk” zero-day vulnerability, tracked as CVE-2022-34713, is a path traversal flaw in the Support Diagnostic Tool (MSDT) that could allow local unauthenticated attackers to gain remote code execution by tricking the victim into opening a specially crafted file on the affected system.
The other zero-day vulnerability is a Microsoft Exchange information disclosure vulnerability, tracked as CVE-2022-30134, that could allow remote attackers to read targeted email messages.
It should be highlighted that Microsoft has recommended immediately installing the security updates for the critical-severity privilege escalation Exchange vulnerabilities (CVE-2022-21980, CVE-2022-24477, and CVE-2022-24516). Microsoft also recommended enabling Windows Extended Protection (EP) on Exchange servers after applying the security updates and provided a script for this process, advising customers to carefully evaluate their environments and review the issues mentioned in the script documentation before enabling it on their servers.
Developed script: https://aka.ms/ExchangeEPScript
Script documentation: https://aka.ms/ExchangeEPDoc
Samples of the addressed vulnerabilities:
- Windows Point-to-Point Protocol Remote Code Execution (CVE-2022-30133):
  - CVSS: 9.8
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Consequences: Gain Access
- Active Directory Domain Services Elevation of Privilege (CVE-2022-34691):
  - CVSS: 8.8
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: Low
  - User Interaction: None
  - Consequences: Gain Privileges
- Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (CVE-2022-34713):
  - CVSS: 7.8
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Consequences: Gain Access
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.
https://msrc.microsoft.com/update-guide/releasenote/2022-Aug