A total of 51 CVEs were addressed by Microsoft this month

Alexandru Poloboc
by Alexandru Poloboc

Information Editor

With an overwhelming need to all the time resolve issues and uncover the reality, Alex spent most of his time working as a information reporter, anchor, in addition to TV and radio… Learn extra

  • A reasonably gentle month for a Microsoft Patch Tuesday launch, with 51 CVEs.
  • Out of all of the CVEs, 50 have been marked as necessary, and one as average.
  • So, the excellent news is that there are not any essential severity ones this month.
  • We have included every and everybody on this article, with direct hyperlinks as effectively.

patch tuesday februaty 2022

It’s that point of the month once more, and everyone seems to be wanting in the direction of Microsoft, in hopes that a number of the flaws they’ve been combating will lastly get mounted.

We’ve already offered the direct obtain hyperlinks for the cumulative updates launched at the moment for Home windows 10, however now it’s time to speak about Essential Vulnerabilities and Exposures once more.

By way of heft, this month’s launch coincides with February releases from earlier years, that are normally round 50 CVEs.

Let’s dive proper into it and see what vulnerabilities are fully gone from our lives, now that these patches are reside.

There have been no Essential CVEs to repair for February 2022

The silver lining for the month of February 2022, is the whole lack of Essential-rated patches. Out of those launched at the moment, 50 are rated as Vital and one is rated as Average in severity.

So, the 51 new patches that turned accessible at the moment tackle CVEs in:

  • Microsoft Home windows and Home windows Parts
  • Azure Knowledge Explorer
  • Kestrel Net Server
  • Microsoft Edge (Chromium-based)
  • Home windows Codecs Library
  • Microsoft Dynamics
  • Microsoft Dynamics GP
  • Microsoft Workplace and Workplace Parts
  • Home windows Hyper-V Server
  • SQL Server
  • Visible Studio Code
  • Microsoft Groups

Some extra excellent news is that not one of the bugs that have been addressed this month are listed as being beneath lively exploit, aside from one, which is listed as publicly identified on the time of launch.

We all know you’re curious and wish to discover each single one of many patches, so we’re going to current them to you.

CVE Title Severity CVSS Public Exploited Sort
CVE-2022-21989 Home windows Kernel Elevation of Privilege Vulnerability Vital 7.8 Sure No EoP
CVE-2022-21984 Home windows DNS Server Distant Code Execution Vulnerability Vital 8.8 No No RCE
CVE-2022-23280 Microsoft Outlook for Mac Safety Function Bypass Vulnerability Vital 5.3 No No SFB
CVE-2022-21995 Home windows Hyper-V Distant Code Execution Vulnerability Vital 7.9 No No RCE
CVE-2022-22005 Microsoft SharePoint Server Distant Code Execution Vulnerability Vital 8.8 No No RCE
CVE-2022-21986 .NET Denial of Service Vulnerability Vital 7.5 No No DoS
CVE-2022-23256 Azure Knowledge Explorer Spoofing Vulnerability Vital 8.1 No No Spoofing
CVE-2022-21844 HEVC Video Extensions Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-21926 HEVC Video Extensions Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-21927 HEVC Video Extensions Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-21957 Microsoft Dynamics 365 (on-premises) Distant Code Execution Vulnerability Vital 7.2 No No RCE
CVE-2022-23271 Microsoft Dynamics GP Elevation Of Privilege Vulnerability Vital 6.5 No No EoP
CVE-2022-23272 Microsoft Dynamics GP Elevation Of Privilege Vulnerability Vital 8.1 No No EoP
CVE-2022-23273 Microsoft Dynamics GP Elevation Of Privilege Vulnerability Vital 7.1 No No EoP
CVE-2022-23274 Microsoft Dynamics GP Distant Code Execution Vulnerability Vital 8.3 No No RCE
CVE-2022-23269 Microsoft Dynamics GP Spoofing Vulnerability Vital 6.9 No No Spoofing
CVE-2022-23262 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Vital 6.3 No No EoP
CVE-2022-23263 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Vital 7.7 No No EoP
CVE-2022-22716 Microsoft Excel Info Disclosure Vulnerability Vital 5.5 No No Data
CVE-2022-22004 Microsoft Workplace ClickToRun Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-22003 Microsoft Workplace Graphics Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-23252 Microsoft Workplace Info Disclosure Vulnerability Vital 5.5 No No Data
CVE-2022-21988 Microsoft Workplace Visio Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-23255 Microsoft OneDrive for Android Safety Function Bypass Vulnerability Vital 5.9 No No SFB
CVE-2022-23254 Microsoft Energy BI Elevation of Privilege Vulnerability Vital 4.9 No No EoP
CVE-2022-21968 Microsoft SharePoint Server Safety Function BypassVulnerability Vital 4.3 No No SFB
CVE-2022-21987 Microsoft SharePoint Server Spoofing Vulnerability Vital 8 No No Spoofing
CVE-2022-21965 Microsoft Groups Denial of Service Vulnerability Vital 7.5 No No DoS
CVE-2022-22715 Named Pipe File System Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-21974 Roaming Safety Rights Administration Companies Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-23276 SQL Server for Linux Containers Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-21991 Visible Studio Code Distant Growth Extension Distant Code Execution Vulnerability Vital 8.1 No No RCE
CVE-2022-22709 VP9 Video Extensions Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-21996 Win32k Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-22710 Home windows Frequent Log File System Driver Denial of Service Vulnerability Vital 5.5 No No DoS
CVE-2022-21981 Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-22000 Home windows Frequent Log File System Driver Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-21998 Home windows Frequent Log File System Driver Info Disclosure Vulnerability Vital 5.5 No No Data
CVE-2022-21994 Home windows DWM Core Library Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-22712 Home windows Hyper-V Denial of Service Vulnerability Vital 5.6 No No DoS
CVE-2022-21992 Home windows Cell Gadget Administration Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-21997 Home windows Print Spooler Elevation of Privilege Vulnerability Vital 7.1 No No EoP
CVE-2022-21999 Home windows Print Spooler Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-22717 Home windows Print Spooler Elevation of Privilege Vulnerability Vital 7 No No EoP
CVE-2022-22718 Home windows Print Spooler Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-22001 Home windows Distant Entry Connection Supervisor Elevation of Privilege Vulnerability Vital 7.8 No No EoP
CVE-2022-21985 Home windows Distant Entry Connection Supervisor Info Disclosure Vulnerability Vital 5.5 No No Data
CVE-2022-21971 Home windows Runtime Distant Code Execution Vulnerability Vital 7.8 No No RCE
CVE-2022-21993 Home windows Companies for NFS ONCRPC XDR Driver Info Disclosure Vulnerability Vital 7.5 No No Data
CVE-2022-22002 Home windows Consumer Account Profile Image Denial of Service Vulnerability Vital 5.5 No No DoS
CVE-2022-23261 Microsoft Edge (Chromium-based) Tampering Vulnerability Average 5.3 No No Tampering
CVE-2022-0452 Chromium: CVE-2022-0452 Use after free in Protected Shopping Excessive N/A No No N/A
CVE-2022-0453 Chromium: CVE-2022-0453 Use after free in Reader Mode Excessive N/A No No N/A
CVE-2022-0454 Chromium: CVE-2022-0454 Heap buffer overflow in ANGLE Excessive N/A No No N/A
CVE-2022-0455 Chromium: CVE-2022-0455 Inappropriate implementation in Full Display screen Mode Excessive N/A No No N/A
CVE-2022-0456 Chromium: CVE-2022-0456 Use after free in Net Search Excessive N/A No No N/A
CVE-2022-0457 Chromium: CVE-2022-0457 Sort Confusion in V8 Excessive N/A No No N/A
CVE-2022-0458 Chromium: CVE-2022-0458 Use after free in Thumbnail Tab Strip Excessive N/A No No N/A
CVE-2022-0459 Chromium: CVE-2022-0459 Use after free in Display screen Seize Excessive N/A No No N/A
CVE-2022-0460 Chromium: CVE-2022-0460 Use after free in Window Dialog Medium N/A No No N/A
CVE-2022-0461 Chromium: CVE-2022-0461 Coverage bypass in COOP Medium N/A No No N/A
CVE-2022-0462 Chromium: CVE-2022-0462 Inappropriate implementation in Scroll Medium N/A No No N/A
CVE-2022-0463 Chromium: CVE-2022-0463 Use after free in Accessibility Medium N/A No No N/A
CVE-2022-0464 Chromium: CVE-2022-0464 Use after free in Accessibility Medium N/A No No N/A
CVE-2022-0465 Chromium: CVE-2022-0465 Use after free in Extensions Medium N/A No No N/A
CVE-2022-0466 Chromium: CVE-2022-0466 Inappropriate implementation in Extensions Platform Medium N/A No No N/A
CVE-2022-0467 Chromium: CVE-2022-0467 Inappropriate implementation in Pointer Lock Medium N/A No No N/A
CVE-2022-0468 Chromium: CVE-2022-0468 Use after free in Funds Medium N/A No No N/A
CVE-2022-0469 Chromium: CVE-2022-0469 Use after free in Forged Medium N/A No No N/A
CVE-2022-0470 Chromium: CVE-2022-0470 Out of bounds reminiscence entry in V8 Low N/A No No N/A

These are all of the CVEs addressed with this month’s Patch Tuesday launch. General, this was a reasonably gentle and safe month, in comparison with earlier conditions.

The subsequent Patch Tuesday batch of software program will come on March 8 and we’re all curious to see what Microsoft comes up with till then.

Let’s all hope that we received’t need to cope with essential issues, and that’s it is going to solely be easy crusing any longer.

Was this text useful to you? Share your opinion within the feedback part under.

Leave a Comment