Posts

Microsoft Security Bulletin Coverage for July 2022

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of July 2022. A list of issues reported, along with SonicWall coverage information, is as follows:

CVE-2022-22034 Windows Graphics Component Elevation of Privilege Vulnerability
ASPY 340:Malformed-File exe.MP_261

CVE-2022-22047 Windows CSRSS Elevation of Privilege
ASY 339:Malformed-File exe.MP_260

CVE-2022-30202 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
ASPY 341:Malformed-File exe.MP_262

CVE-2022-30216 Windows Server Service Tampering Vulnerability
ASPY 334:Malformed-File exe.MP_258

CVE-2022-30220 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 335:Malformed-File exe.MP_259

Adobe Coverage:
CVE-2022-34215 Acrobat Reader Out-of-bounds Read Vulnerability
ASPY 336:Malformed-File pdf.MP_554

CVE-2022-34222 Acrobat Reader Out-of-bounds Read Vulnerability
ASPY 337:Malformed-File pdf.MP_555

CVE-2022-34227 Acrobat Reader Use After Free Vulnerability
ASPY 338:Malformed-File pdf.MP_556

The following vulnerabilities do not have exploits in the wild :
CVE-2022-21845 Windows Kernel Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22022 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22023 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-22024 Windows Fax Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22025 Windows Internet Information Services Cachuri Module Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-22026 Windows CSRSS Elevation of Privilege
There are no known exploits in the wild.
CVE-2022-22027 Windows Fax Service Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22028 Windows Network File System Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22029 Windows Network File System Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22031 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22036 Performance Counters for Windows Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22037 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22038 Remote Procedure Call Runtime Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22039 Windows Network File System Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-22040 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-22041 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22042 Windows Hyper-V Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-22043 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22045 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22048 BitLocker Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-22049 Windows CSRSS Elevation of Privilege
There are no known exploits in the wild.
CVE-2022-22050 Windows Fax Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-22711 Windows BitLocker Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-23816 AMD CPU Branch Type Confusion
There are no known exploits in the wild.
CVE-2022-23825 AMD CPU Branch Type Confusion
There are no known exploits in the wild.
CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data
There are no known exploits in the wild.
CVE-2022-30181 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30187 Azure Storage Library Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-30203 Windows Boot Manager Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-30205 Windows Group Policy Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30206 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30208 Windows Security Account Manager (SAM) Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2022-30209 Windows IIS Server Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30211 Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-30212 Windows Connected Devices Platform Service Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-30213 Windows GDI+ Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-30214 Windows DNS Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-30215 Active Directory Federation Services Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30221 Windows Graphics Component Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-30222 Windows Shell Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-30223 Windows Hyper-V Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2022-30224 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30225 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-30226 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33632 Microsoft Office Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2022-33633 Skype for Business and Lync Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-33637 Microsoft Defender for Endpoint Tampering Vulnerability
There are no known exploits in the wild.
CVE-2022-33640 Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33641 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33642 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33643 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33644 Xbox Live Save Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33650 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33651 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33652 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33653 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33654 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33655 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33656 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33657 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33658 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33659 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33660 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33661 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33662 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33663 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33664 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33665 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33666 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33667 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33668 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33669 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33671 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33672 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33673 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33674 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33675 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33676 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2022-33677 Azure Site Recovery Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2022-33678 Azure Site Recovery Remote Code Execution Vulnerability
There are no known exploits in the wild.