VERT Threat Alert: August 2022 Patch Tuesday Analysis
Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th.
In-The-Wild & Disclosed CVEs
According to Microsoft, CVE-2022-34713 is a variant of the Dogwalk vulnerability. There has been a lot of Twitter discussion around this Dogwalk as it was first disclosed to Microsoft two years ago. Microsoft has noted that this vulnerability, which requires the user open a specially crafted file to exploit a flaw in the Microsoft Support Diagnostic Tool (MSDT), has been publicly disclosed and exploited.
This information disclosure vulnerability could allow attackers to read targeted email messages. In this case, installing the August 2022 Exchange Server Security Update (SU) release is not sufficient to defend against this vulnerability. System owners must also enable Exchange Server Support for Windows Extended Protection, which Microsoft has detailed in an Exchange Team Blog Post. The biggest take away here is that there are a number of instances where Microsoft suggests making sure you are aware of the issues associated with enabling Extended Protection, as such it is likely a good idea to read all of the associated documentation before moving forward with enabling this protection, but keep in mind the vulnerability is not fully resolved until the protection is enabled.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed are listed in red.
| Tag | CVE Count | CVEs |
| Windows WebBrowser Control | 1 | CVE-2022-30194 |
| Windows Secure Socket Tunneling Protocol (SSTP) | 7 | CVE-2022-34714, CVE-2022-35745, CVE-2022-34701, CVE-2022-34702, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794 |
| Microsoft Windows Support Diagnostic Tool (MSDT) | 2 | CVE-2022-34713, CVE-2022-35743 |
| Microsoft ATA Port Driver | 1 | CVE-2022-35760 |
| Windows Hello | 1 | CVE-2022-35797 |
| Visual Studio | 4 | CVE-2022-35777, CVE-2022-35825, CVE-2022-35826, CVE-2022-35827 |
| Windows Canonical Display Driver | 1 | CVE-2022-35750 |
| System Center Operations Manager | 1 | CVE-2022-33640 |
| Active Directory Domain Services | 1 | CVE-2022-34691 |
| Azure Batch Node Agent | 1 | CVE-2022-33646 |
| Remote Access Service Point-to-Point Tunneling Protocol | 3 | CVE-2022-35752, CVE-2022-35753, CVE-2022-35769 |
| Windows Network File System | 1 | CVE-2022-34715 |
| Windows Cloud Files Mini Filter Driver | 1 | CVE-2022-35757 |
| Microsoft Office Excel | 2 | CVE-2022-33648, CVE-2022-33631 |
| Windows Defender Credential Guard | 6 | CVE-2022-34709, CVE-2022-34710, CVE-2022-34712, CVE-2022-34704, CVE-2022-34705, CVE-2022-35771 |
| Windows Kernel | 7 | CVE-2022-30197, CVE-2022-34707, CVE-2022-34708, CVE-2022-35758, CVE-2022-35761, CVE-2022-35804, CVE-2022-35768 |
| Microsoft Bluetooth Driver | 1 | CVE-2022-35820 |
| Microsoft Exchange Server | 6 | CVE-2022-21979, CVE-2022-21980, CVE-2022-24516, CVE-2022-24477, CVE-2022-30134, CVE-2022-34692 |
| Windows Point-to-Point Tunneling Protocol | 3 | CVE-2022-30133, CVE-2022-35744, CVE-2022-35747 |
| Microsoft Office | 1 | CVE-2022-34717 |
| Windows Partition Management Driver | 2 | CVE-2022-33670, CVE-2022-34703 |
| Azure Site Recovery | 34 | CVE-2022-35776, CVE-2022-35802, CVE-2022-35780, CVE-2022-35781, CVE-2022-35772, CVE-2022-35799, CVE-2022-35774, CVE-2022-35800, CVE-2022-35775, CVE-2022-35801, CVE-2022-35807, CVE-2022-35808, CVE-2022-35782, CVE-2022-35809, CVE-2022-35783, CVE-2022-35784, CVE-2022-35810, CVE-2022-35811, CVE-2022-35785, CVE-2022-35812, CVE-2022-35786, CVE-2022-35787, CVE-2022-35813, CVE-2022-35788, CVE-2022-35814, CVE-2022-35789, CVE-2022-35815, CVE-2022-35790, CVE-2022-35816, CVE-2022-35817, CVE-2022-35791, CVE-2022-35818, CVE-2022-35819, CVE-2022-35824 |
| Windows Local Security Authority (LSA) | 2 | CVE-2022-34706, CVE-2022-35759 |
| Windows Storage Spaces Direct | 5 | CVE-2022-35762, CVE-2022-35763, CVE-2022-35764, CVE-2022-35765, CVE-2022-35792 |
| Windows Win32K | 1 | CVE-2022-34699 |
| Microsoft Office Outlook | 1 | CVE-2022-35742 |
| .NET Core | 1 | CVE-2022-34716 |
| Windows Kerberos | 1 | CVE-2022-35756 |
| Windows Bluetooth Service | 1 | CVE-2022-30144 |
| Windows Print Spooler Components | 2 | CVE-2022-35755, CVE-2022-35793 |
| Role: Windows Hyper-V | 2 | CVE-2022-34696, CVE-2022-35751 |
| Azure Real Time Operating System | 8 | CVE-2022-30175, CVE-2022-30176, CVE-2022-34685, CVE-2022-34686, CVE-2022-34687, CVE-2022-35773, CVE-2022-35779, CVE-2022-35806 |
| Microsoft Edge (Chromium-based) | 20 | CVE-2022-33636, CVE-2022-33649, CVE-2022-35796, CVE-2022-2603, CVE-2022-2604, CVE-2022-2605, CVE-2022-2606, CVE-2022-2610, CVE-2022-2611, CVE-2022-2612, CVE-2022-2614, CVE-2022-2615, CVE-2022-2616, CVE-2022-2617, CVE-2022-2618, CVE-2022-2619, CVE-2022-2621, CVE-2022-2622, CVE-2022-2623, CVE-2022-2624 |
| Windows Error Reporting | 1 | CVE-2022-35795 |
| Role: Windows Fax Service | 1 | CVE-2022-34690 |
| Windows Secure Boot | 3 | CVE-2022-34303, CVE-2022-34301, CVE-2022-34302 |
| Azure Sphere | 1 | CVE-2022-35821 |
| Windows Digital Media | 2 | CVE-2022-35746, CVE-2022-35749 |
| Windows Unified Write Filter | 1 | CVE-2022-35754 |
| Windows Internet Information Services | 1 | CVE-2022-35748 |
Other Information
At the time of publication, there were no new advisories included with the August Security Guidance.
The post ” VERT Threat Alert: August 2022 Patch Tuesday Analysis” appeared first on TripWire
Source:TripWire – Tyler Reguly