Hello everyone! In this episode, let’s take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August Patch Tuesdays.
There were 147 vulnerabilities. Urgent: 1, Critical: 0, High: 36, Medium: 108, Low: 2.
There was a lot of great stuff this Patch Tuesday. There was a critical exploited in the wild MSDT DogWalk vulnerability, 3 critical Exchange vulnerabilities that could be easily missed in prioritization, 13 potentially dangerous vulnerabilities, 2 funny vulnerabilities and 3 mysterious ones. Let’s take a closer look.
01:02 MSDT RCE DogWalk CVE-2022-34713
02:38 3 Microsoft Exchange EOPs (CVE-2022-21980, CVE-2022-24516, CVE-2022-24477)
04:23 13 potentially dangerous vulnerabilities (PPP, SSTP, SMB, Visual Studio, AD, NFS, Print Spooler)
11:06 2 funny vulnerabilities (Edge CVE-2022-2623, Outlook CVE-2022-35742)
12:46 3 mysterious vulnerabilities (CryptoPro, Eurosoft, New Horizon Data Systems)
Video: https://youtu.be/gSC8ExHUtt8
Video2 (for Russia): https://vk.com/video-149273431_456239098
Blogpost: https://avleonov.com/2022/08/23/microsoft-patch-tuesday-august-2022-dogwalk-exchange-eops-13-potentially-dangerous-2-funny-3-mysterious-vulnerabilities/
Full report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_august2022_report_with_comments_ext_img.html
#microsoft #patchtuesday
@avleonovcom
There were 147 vulnerabilities. Urgent: 1, Critical: 0, High: 36, Medium: 108, Low: 2.
There was a lot of great stuff this Patch Tuesday. There was a critical exploited in the wild MSDT DogWalk vulnerability, 3 critical Exchange vulnerabilities that could be easily missed in prioritization, 13 potentially dangerous vulnerabilities, 2 funny vulnerabilities and 3 mysterious ones. Let’s take a closer look.
01:02 MSDT RCE DogWalk CVE-2022-34713
02:38 3 Microsoft Exchange EOPs (CVE-2022-21980, CVE-2022-24516, CVE-2022-24477)
04:23 13 potentially dangerous vulnerabilities (PPP, SSTP, SMB, Visual Studio, AD, NFS, Print Spooler)
11:06 2 funny vulnerabilities (Edge CVE-2022-2623, Outlook CVE-2022-35742)
12:46 3 mysterious vulnerabilities (CryptoPro, Eurosoft, New Horizon Data Systems)
Video: https://youtu.be/gSC8ExHUtt8
Video2 (for Russia): https://vk.com/video-149273431_456239098
Blogpost: https://avleonov.com/2022/08/23/microsoft-patch-tuesday-august-2022-dogwalk-exchange-eops-13-potentially-dangerous-2-funny-3-mysterious-vulnerabilities/
Full report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_august2022_report_with_comments_ext_img.html
#microsoft #patchtuesday
@avleonovcom