Welcome to our summary of this month’s Patch Tuesday (August 2022). We have tabulated the vulnerabilities that the latest patches from Microsoft and Adobe fix, so that you can easily export them for use in your vulnerability management program.

Microsoft Patch Tuesday August 2022

121 vulnerabilities have been fixed in Microsoft’s August 2022 update.

17 were marked as Critical vulnerabilities as they allow Elevation of Privilege (EoP) and Remote Code Execution (RCE).

The new patches address CVEs in Microsoft Windows and Windows Components; Azure Batch Node Agent, Real Time Operating System, Site Recovery, and Sphere; Microsoft Dynamics; Microsoft Edge (Chromium-based); Exchange Server; Office and Office Components; PPTP, SSTP, and Remote Access Service PPTP; Hyper-V; System Center Operations Manager; Windows Internet Information Services; Print Spooler Components; and Windows Defender Credential Guard.

This is in addition to the 17 CVEs patched in Microsoft Edge (Chromium-based) and 3 patches related to secure boot from CERT/CC, bringing the total number of MS CVEs to 141.

[wpdatatable id=”4″ /]

Adobe Patch Tuesday 2022

Adobe’s August update addresses 25 CVEs in five patches for Adobe Acrobat and Reader, Commerce, Illustrator, FrameMaker, and Adobe Premier Elements.

The updates for Acrobat and Reader address three Critical and four Important bugs. These critical vulnerabilities could allow code execution if an attacker could convince a user to open a specially crafted file.

There are also seven total fixes for Commerce, including four Critical bugs. Two of these could allow code execution and two could lead to a privilege escalation. The XML injection bug fixed by this has the highest CVSS of Adobe’s Patch Tuesday release at 9.1.

The patch for Illustrator contains two Critical and two Important fixes. The most severe could lead to code execution when opening a specially crafted file. Five of the six FrameMaker could lead to code execution.

Finally, there’s a single Critical-rated CVE in the Premier Elements patch resulting from an uncontrolled search path element.

[wpdatatable id=”3″ /]

Subscribe So You Never Miss an Update

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Patch Tuesday Review – August 2022

Microsoft Patch Tuesday August 2022

Adobe Patch Tuesday 2022

Related Posts