Windows users, however, are looking towards Microsoft in hopes that some of the flaws they’ve been struggling with will finally get fixed. We’ve already provided the direct download links for the cumulative updates released today for Windows 10 and 11, but now it’s time to talk about Critical Vulnerabilities and Exposures again. This month, the Redmond tech giant released 84 new patches, which is a lot more than some people were expecting right after Easter. These software updates address CVEs in:
Microsoft Windows and Windows Components Windows Azure components Microsoft Defender for Endpoint Microsoft Edge (Chromium-based) Office and Office Components Windows BitLocker Windows Hyper-V Skype for Business and Microsoft Lync Open-Source Software Xbox
Microsoft provides fixes for 84 flaws in July 2022
It’s pretty much safe to say that this wasn’t either the busiest or the lightest month for Redmond-based security experts. You might like to know that, out of the 84 new CVEs released, 4 are rated Critical, and the rest of them (80) are rated as Important. We’re talking about 52 elevation of privilege vulnerabilities, 4 security feature bypass vulnerabilities, 12 remote code execution vulnerabilities, 11 information disclosure vulnerabilities, and 5 denials of service vulnerabilities You should keep in mind that this month’s Patch Tuesday updates fix an actively exploited zero-day elevation of privileges vulnerability. SPONSORED The company classified a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available. To be more clear, the actively exploited zero-day vulnerability fixed today is tracked as CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability. By exploiting it, a malicious third party could actually gain SYSTEM privileges, as Microsoft security experts have advised through this recent release. Also, just as important, remember that there are three fixes for denial-of-service (DoS) bugs in this month’s release, all of them impactful. And, out of the 52 fixes for EoP bugs, 30 of them address Azure Site Recovery bugs, one of them supposedly under active attack. Looking forward, the next Patch Tuesday security update rollout will be on the 9th of August, which is a bit sooner than some expected it. Have you found any other issues after installing this month’s security updates? Share your opinion in the comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ