Tripwire’s August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.
The patches for Microsoft Office, Outlook and Excel are the first to be added on the priority patch list. They address 4 vulnerabilities: remote code execution, denial of service and security feature bypass.
Next are patches which affect parts of the windows Operating systems. This patch addresses over 55 vulnerabilities including information disclosure and elevation of privilege. These vulnerabilities are affecting core windows, Kernel, Secure Socket Tunneling Protocol, windows Bluetooth Driver, support diagnostic tools, point-topoint protocol and other.
The next patches are for.NET Core or Visual Studio, which fix remote code execution and spoofing vulnerabilities.
Administrators need to focus their attention on server-side patch for Hyper-V Domain Services, Active Directory Domain Services and IIS. This patch fixes remote code execution and elevation of privilege as well as Information Disclosure, Tampering and Denial-of-Service vulnerabilities.
| BULLETIN | CVE |
| Microsoft Office Outlook | CVE-2022-35742 |
| Microsoft Office | CVE-2022-34717 |
| Microsoft Office Excel | CVE-2022-33648, CVE-2022-33631 |
| Microsoft windows | CVE-2022-30194, CVE-2022-34701, CVE-2022-35745, CVE-2022-35767, CVE-2022-35766, CVE-2022-35794, CVE-2022-34702, CVE-2022-34714, CVE-2022-35743, CVE-2022-34713, CVE-2022-35760, CVE-2022-35797, CVE-2022-35750, CVE-2022-35820, CVE-2022-35769, CVE-2022-35752, CVE-2022-35753, CVE-2022-34715, CVE-2022-35757, CVE-2022-35771, CVE-2022-34705, CVE-2022-34704, CVE-2022-34710, CVE-2022-34712, CVE-2022-34709, CVE-2022-35804, CVE-2022-35768, CVE-2022-35761, CVE-2022-34707, CVE-2022-34708, CVE-2022-30197, CVE-2022-35758, CVE-2022-35747, CVE-2022-35744, CVE-2022-30133, CVE-2022-33670, CVE-2022-34703, CVE-2022-35759, CVE-2022-34706, CVE-2022-35763, CVE-2022-35762, CVE-2022-35765, CVE-2022-35764, CVE-2022-35792, CVE-2022-34699, CVE-2022-35756, CVE-2022-30144, CVE-2022-35755, CVE-2022-35793, CVE-2022-35795, CVE-2022-34690, CVE-2022-34301, CVE-2022-34302, CVE-2022-34303, CVE-2022-35746, CVE-2022-35749, CVE-2022-35754 |
| Visual Studio | CVE-2022-35825, CVE-2022-35826, CVE-2022-35777, CVE-2022-35827 |
| .NET Core | CVE-2022-34716 |
| IIS | CVE-2022-35748 |
| System Center Operations Manager | CVE-2022-33640 |
| Active Directory Domain Services | CVE-2022-34691 |
| windows Hyper-V | CVE-2022-35751, CVE-2022-34696 |
| Microsoft Exchange Server | CVE-2022-34692, CVE-2022-21979, CVE-2022-30134, CVE-2022-24477, CVE-2022-24516, CVE-2022-21980 |
