- A reasonably gentle month for a Microsoft Patch Tuesday launch, with 51 CVEs.
- Out of all of the CVEs, 50 have been marked as necessary, and one as average.
- So, the excellent news is that there are not any essential severity ones this month.
- We have included every and everybody on this article, with direct hyperlinks as effectively.
It’s that point of the month once more, and everyone seems to be wanting in the direction of Microsoft, in hopes that a number of the flaws they’ve been combating will lastly get mounted.
We’ve already offered the direct obtain hyperlinks for the cumulative updates launched at the moment for Home windows 10, however now it’s time to speak about Essential Vulnerabilities and Exposures once more.
By way of heft, this month’s launch coincides with February releases from earlier years, that are normally round 50 CVEs.
Let’s dive proper into it and see what vulnerabilities are fully gone from our lives, now that these patches are reside.
There have been no Essential CVEs to repair for February 2022
The silver lining for the month of February 2022, is the whole lack of Essential-rated patches. Out of those launched at the moment, 50 are rated as Vital and one is rated as Average in severity.
So, the 51 new patches that turned accessible at the moment tackle CVEs in:
- Microsoft Home windows and Home windows Parts
- Azure Knowledge Explorer
- Kestrel Net Server
- Microsoft Edge (Chromium-based)
- Home windows Codecs Library
- Microsoft Dynamics
- Microsoft Dynamics GP
- Microsoft Workplace and Workplace Parts
- Home windows Hyper-V Server
- SQL Server
- Visible Studio Code
- Microsoft Groups
Some extra excellent news is that not one of the bugs that have been addressed this month are listed as being beneath lively exploit, aside from one, which is listed as publicly identified on the time of launch.
We all know you’re curious and wish to discover each single one of many patches, so we’re going to current them to you.
|CVE-2022-21989||Home windows Kernel Elevation of Privilege Vulnerability||Vital||7.8||Sure||No||EoP|
|CVE-2022-21984||Home windows DNS Server Distant Code Execution Vulnerability||Vital||8.8||No||No||RCE|
|CVE-2022-23280||Microsoft Outlook for Mac Safety Function Bypass Vulnerability||Vital||5.3||No||No||SFB|
|CVE-2022-21995||Home windows Hyper-V Distant Code Execution Vulnerability||Vital||7.9||No||No||RCE|
|CVE-2022-22005||Microsoft SharePoint Server Distant Code Execution Vulnerability||Vital||8.8||No||No||RCE|
|CVE-2022-21986||.NET Denial of Service Vulnerability||Vital||7.5||No||No||DoS|
|CVE-2022-23256||Azure Knowledge Explorer Spoofing Vulnerability||Vital||8.1||No||No||Spoofing|
|CVE-2022-21844||HEVC Video Extensions Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-21926||HEVC Video Extensions Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-21927||HEVC Video Extensions Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-21957||Microsoft Dynamics 365 (on-premises) Distant Code Execution Vulnerability||Vital||7.2||No||No||RCE|
|CVE-2022-23271||Microsoft Dynamics GP Elevation Of Privilege Vulnerability||Vital||6.5||No||No||EoP|
|CVE-2022-23272||Microsoft Dynamics GP Elevation Of Privilege Vulnerability||Vital||8.1||No||No||EoP|
|CVE-2022-23273||Microsoft Dynamics GP Elevation Of Privilege Vulnerability||Vital||7.1||No||No||EoP|
|CVE-2022-23274||Microsoft Dynamics GP Distant Code Execution Vulnerability||Vital||8.3||No||No||RCE|
|CVE-2022-23269||Microsoft Dynamics GP Spoofing Vulnerability||Vital||6.9||No||No||Spoofing|
|CVE-2022-23262||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability||Vital||6.3||No||No||EoP|
|CVE-2022-23263||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability||Vital||7.7||No||No||EoP|
|CVE-2022-22716||Microsoft Excel Info Disclosure Vulnerability||Vital||5.5||No||No||Data|
|CVE-2022-22004||Microsoft Workplace ClickToRun Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-22003||Microsoft Workplace Graphics Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-23252||Microsoft Workplace Info Disclosure Vulnerability||Vital||5.5||No||No||Data|
|CVE-2022-21988||Microsoft Workplace Visio Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-23255||Microsoft OneDrive for Android Safety Function Bypass Vulnerability||Vital||5.9||No||No||SFB|
|CVE-2022-23254||Microsoft Energy BI Elevation of Privilege Vulnerability||Vital||4.9||No||No||EoP|
|CVE-2022-21968||Microsoft SharePoint Server Safety Function BypassVulnerability||Vital||4.3||No||No||SFB|
|CVE-2022-21987||Microsoft SharePoint Server Spoofing Vulnerability||Vital||8||No||No||Spoofing|
|CVE-2022-21965||Microsoft Groups Denial of Service Vulnerability||Vital||7.5||No||No||DoS|
|CVE-2022-22715||Named Pipe File System Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-21974||Roaming Safety Rights Administration Companies Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-23276||SQL Server for Linux Containers Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-21991||Visible Studio Code Distant Growth Extension Distant Code Execution Vulnerability||Vital||8.1||No||No||RCE|
|CVE-2022-22709||VP9 Video Extensions Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-21996||Win32k Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-22710||Home windows Frequent Log File System Driver Denial of Service Vulnerability||Vital||5.5||No||No||DoS|
|CVE-2022-21981||Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-22000||Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-21998||Home windows Frequent Log File System Driver Info Disclosure Vulnerability||Vital||5.5||No||No||Data|
|CVE-2022-21994||Home windows DWM Core Library Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-22712||Home windows Hyper-V Denial of Service Vulnerability||Vital||5.6||No||No||DoS|
|CVE-2022-21992||Home windows Cell Gadget Administration Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-21997||Home windows Print Spooler Elevation of Privilege Vulnerability||Vital||7.1||No||No||EoP|
|CVE-2022-21999||Home windows Print Spooler Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-22717||Home windows Print Spooler Elevation of Privilege Vulnerability||Vital||7||No||No||EoP|
|CVE-2022-22718||Home windows Print Spooler Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-22001||Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability||Vital||7.8||No||No||EoP|
|CVE-2022-21985||Home windows Distant Entry Connection Supervisor Info Disclosure Vulnerability||Vital||5.5||No||No||Data|
|CVE-2022-21971||Home windows Runtime Distant Code Execution Vulnerability||Vital||7.8||No||No||RCE|
|CVE-2022-21993||Home windows Companies for NFS ONCRPC XDR Driver Info Disclosure Vulnerability||Vital||7.5||No||No||Data|
|CVE-2022-22002||Home windows Consumer Account Profile Image Denial of Service Vulnerability||Vital||5.5||No||No||DoS|
|CVE-2022-23261||Microsoft Edge (Chromium-based) Tampering Vulnerability||Average||5.3||No||No||Tampering|
|CVE-2022-0452||Chromium: CVE-2022-0452 Use after free in Protected Shopping||Excessive||N/A||No||No||N/A|
|CVE-2022-0453||Chromium: CVE-2022-0453 Use after free in Reader Mode||Excessive||N/A||No||No||N/A|
|CVE-2022-0454||Chromium: CVE-2022-0454 Heap buffer overflow in ANGLE||Excessive||N/A||No||No||N/A|
|CVE-2022-0455||Chromium: CVE-2022-0455 Inappropriate implementation in Full Display screen Mode||Excessive||N/A||No||No||N/A|
|CVE-2022-0456||Chromium: CVE-2022-0456 Use after free in Net Search||Excessive||N/A||No||No||N/A|
|CVE-2022-0457||Chromium: CVE-2022-0457 Sort Confusion in V8||Excessive||N/A||No||No||N/A|
|CVE-2022-0458||Chromium: CVE-2022-0458 Use after free in Thumbnail Tab Strip||Excessive||N/A||No||No||N/A|
|CVE-2022-0459||Chromium: CVE-2022-0459 Use after free in Display screen Seize||Excessive||N/A||No||No||N/A|
|CVE-2022-0460||Chromium: CVE-2022-0460 Use after free in Window Dialog||Medium||N/A||No||No||N/A|
|CVE-2022-0461||Chromium: CVE-2022-0461 Coverage bypass in COOP||Medium||N/A||No||No||N/A|
|CVE-2022-0462||Chromium: CVE-2022-0462 Inappropriate implementation in Scroll||Medium||N/A||No||No||N/A|
|CVE-2022-0463||Chromium: CVE-2022-0463 Use after free in Accessibility||Medium||N/A||No||No||N/A|
|CVE-2022-0464||Chromium: CVE-2022-0464 Use after free in Accessibility||Medium||N/A||No||No||N/A|
|CVE-2022-0465||Chromium: CVE-2022-0465 Use after free in Extensions||Medium||N/A||No||No||N/A|
|CVE-2022-0466||Chromium: CVE-2022-0466 Inappropriate implementation in Extensions Platform||Medium||N/A||No||No||N/A|
|CVE-2022-0467||Chromium: CVE-2022-0467 Inappropriate implementation in Pointer Lock||Medium||N/A||No||No||N/A|
|CVE-2022-0468||Chromium: CVE-2022-0468 Use after free in Funds||Medium||N/A||No||No||N/A|
|CVE-2022-0469||Chromium: CVE-2022-0469 Use after free in Forged||Medium||N/A||No||No||N/A|
|CVE-2022-0470||Chromium: CVE-2022-0470 Out of bounds reminiscence entry in V8||Low||N/A||No||No||N/A|
These are all of the CVEs addressed with this month’s Patch Tuesday launch. General, this was a reasonably gentle and safe month, in comparison with earlier conditions.
The subsequent Patch Tuesday batch of software program will come on March 8 and we’re all curious to see what Microsoft comes up with till then.
Let’s all hope that we received’t need to cope with essential issues, and that’s it is going to solely be easy crusing any longer.
Was this text useful to you? Share your opinion within the feedback part under.
Begin a dialog