08.10.2022

Microsoft Patch Tuesday, August 9, 2022

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 08/10/2022

Action Level - High

Description

Microsoft’s latest security update on Tuesday, August 9, 2022, contains 121 CVEs, with two that are either currently known to be exploited or were publicly known at the time of release.

Notably, CVE-2022-34713 AKA ‘DogWalk’ is an actively exploited MSDT (Microsoft Support Diagnostic Tool) vulnerability which allows remote code execution. CVE-2022-30134, the other zero-day vulnerability, allows an attacker to read targeted email messages and is not currently known to be exploited.

Overall, 17 of the CVEs in this cycle are rated Critical. One Important vulnerability is known to be exploited currently, and one other Important has been publicly disclosed.

Remediation

Ensure your devices are running current patches per vendor guidance. If you are unable to patch, review the Critical and Disclosed CVEs and explore their specific mitigation options. Zero Day Initiative has a consolidated list here.

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC