Microsoft 8 lutego 2022 roku wydał nowy pakiet aktualizacji bezpieczeństwa w ramach comiesięcznego Patch Tuesday. Wydano łącznie 126 poprawki bezpieczeństwa, w tym 6 oznaczonych jako krytyczne.

Description

CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG)

CVSS Temporal (AVG)

.NET Denial of Service Vulnerability

CVE-2022-21986 No No Less Likely Less Likely Important 7.5

6.5

Azure Data Explorer Spoofing Vulnerability

CVE-2022-23256 No No Less Likely Less Likely Important 8.1

7.1

Chromium: CVE-2022-0452 Use after free in Safe Browsing

CVE-2022-0452 No No

Chromium: CVE-2022-0453 Use after free in Reader Mode

CVE-2022-0453 No No

Chromium: CVE-2022-0454 Heap buffer overflow in ANGLE

CVE-2022-0454 No No

Chromium: CVE-2022-0455 Inappropriate implementation in Full Screen Mode

CVE-2022-0455 No No

Chromium: CVE-2022-0456 Use after free in Web Search

CVE-2022-0456 No No

Chromium: CVE-2022-0457 Type Confusion in V8

CVE-2022-0457 No No

Chromium: CVE-2022-0458 Use after free in Thumbnail Tab Strip

CVE-2022-0458 No No

Chromium: CVE-2022-0459 Use after free in Screen Capture

CVE-2022-0459 No No

Chromium: CVE-2022-0460 Use after free in Window Dialog

CVE-2022-0460 No No

Chromium: CVE-2022-0461 Policy bypass in COOP

CVE-2022-0461 No No

Chromium: CVE-2022-0462 Inappropriate implementation in Scroll

CVE-2022-0462 No No

Chromium: CVE-2022-0463 Use after free in Accessibility

CVE-2022-0463 No No

Chromium: CVE-2022-0464 Use after free in Accessibility

CVE-2022-0464 No No

Chromium: CVE-2022-0465 Use after free in Extensions

CVE-2022-0465 No No

Chromium: CVE-2022-0466 Inappropriate implementation in Extensions Platform

CVE-2022-0466 No No

Chromium: CVE-2022-0467 Inappropriate implementation in Pointer Lock

CVE-2022-0467 No No

Chromium: CVE-2022-0468 Use after free in Payments

CVE-2022-0468 No No

Chromium: CVE-2022-0469 Use after free in Cast

CVE-2022-0469 No No

Chromium: CVE-2022-0470 Out of bounds memory access in V8

CVE-2022-0470 No No

HEVC Video Extensions Remote Code Execution Vulnerability

CVE-2022-21844 No No Less Likely Less Likely Important 7.8

6.8

CVE-2022-21926

No No Less Likely Less Likely Important 7.8 6.8
CVE-2022-21927 No No Unlikely Unlikely Important 7.8

6.8

Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability

CVE-2022-21957 No No Less Likely Less Likely Important 7.2

6.3

Microsoft Dynamics GP Elevation Of Privilege Vulnerability

CVE-2022-23271 No No Less Likely Less Likely Important 6.5

5.7

CVE-2022-23272

No No Less Likely Less Likely Important 8.1 7.1
CVE-2022-23273 No No Less Likely Less Likely Important 7.1

6.2

Microsoft Dynamics GP Remote Code Execution Vulnerability

CVE-2022-23274 No No Less Likely Less Likely Important 8.3

7.2

Microsoft Dynamics GP Spoofing Vulnerability

CVE-2022-23269 No No Less Likely Less Likely Important 6.9

6.0

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2022-23262 No No Less Likely Less Likely Important 6.3

5.5

CVE-2022-23263

No No Less Likely Less Likely Important 7.7 6.7

Microsoft Edge (Chromium-based) Tampering Vulnerability

CVE-2022-23261

No No Less Likely Less Likely Moderate 5.3 4.6

Microsoft Excel Information Disclosure Vulnerability

CVE-2022-22716

No No Less Likely Less Likely Important 5.5 4.8

Microsoft Office ClickToRun Remote Code Execution Vulnerability

CVE-2022-22004

No No Less Likely Less Likely Important 7.8 6.8

Microsoft Office Graphics Remote Code Execution Vulnerability

CVE-2022-22003

No No Less Likely Less Likely Important 7.8 6.8

Microsoft Office Information Disclosure Vulnerability

CVE-2022-23252

No No Less Likely Less Likely Important 5.5 4.8

Microsoft Office Visio Remote Code Execution Vulnerability

CVE-2022-21988

No No Less Likely Less Likely Important 7.8 6.8

Microsoft OneDrive for Android Security Feature Bypass Vulnerability

CVE-2022-23255

No No Less Likely Less Likely Important 5.9 5.2

Microsoft Outlook for Mac Security Feature Bypass Vulnerability

CVE-2022-23280

No No Less Likely Less Likely Important 5.3 4.6

Microsoft Power BI Elevation of Privilege Vulnerability

CVE-2022-23254

No No Less Likely Less Likely Important 4.9 4.3

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-22005

No No More Likely More Likely Important 8.8 7.7

Microsoft SharePoint Server Security Feature BypassVulnerability

CVE-2022-21968

No No Less Likely Less Likely Important 4.3 3.8

Microsoft SharePoint Server Spoofing Vulnerability

CVE-2022-21987

No No Less Likely Less Likely Important 8.0 7.0

Microsoft Teams Denial of Service Vulnerability

CVE-2022-21965

No No Less Likely Less Likely Important 7.5 6.5

Named Pipe File System Elevation of Privilege Vulnerability

CVE-2022-22715

No No More Likely More Likely Important 7.8 6.8

Roaming Security Rights Management Services Remote Code Execution Vulnerability

CVE-2022-21974

No No Less Likely Less Likely Important 7.8 6.8

SQL Server for Linux Containers Elevation of Privilege Vulnerability

CVE-2022-23276

No No Less Likely Less Likely Important 7.8 6.8

VP9 Video Extensions Remote Code Execution Vulnerability

CVE-2022-22709

No No Less Likely Less Likely Important 7.8 6.8

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

CVE-2022-21991

No No Less Likely Less Likely Important 8.1 7.1

Win32k Elevation of Privilege Vulnerability

CVE-2022-21996

No No Important 7.8 6.8

Windows Common Log File System Driver Denial of Service Vulnerability

CVE-2022-22710

No No Less Likely Less Likely Important 5.5 4.8

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2022-21981

No No More Likely More Likely Important 7.8 6.8
CVE-2022-22000 No No More Likely More Likely Important 7.8

6.8

Windows Common Log File System Driver Information Disclosure Vulnerability

CVE-2022-21998 No No Less Likely Less Likely Important 5.5

4.8

Windows DNS Server Remote Code Execution Vulnerability

CVE-2022-21984 No No Less Likely Less Likely Important 8.1

7.7

Windows DWM Core Library Elevation of Privilege Vulnerability

CVE-2022-21994 No No More Likely More Likely Important 7.8

6.8

Windows Hyper-V Denial of Service Vulnerability

CVE-2022-22712 No No Less Likely Less Likely Important 5.6

4.9

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2022-21995 No No Less Likely Less Likely Important 7.9

6.9

Windows Kernel Elevation of Privilege Vulnerability

CVE-2022-21989 Yes No More Likely More Likely Important 7.8

7.0

Windows Mobile Device Management Remote Code Execution Vulnerability

CVE-2022-21992 No No Less Likely Less Likely Important 7.8

6.8

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2022-22717 No No Less Likely Less Likely Important 7.0

6.1

CVE-2022-22718

No No More Likely More Likely Important 7.8 6.8
CVE-2022-21997 No No Less Likely Less Likely Important 7.2

6.2

CVE-2022-21999

No No More Likely More Likely Important 7.8 6.8

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

CVE-2022-22001

No No Less Likely Less Likely Important 7.8 6.8

Windows Remote Access Connection Manager Information Disclosure Vulnerability

CVE-2022-21985

No No Less Likely Less Likely Important 5.5 4.8

Windows Runtime Remote Code Execution Vulnerability

CVE-2022-21971

No No Less Likely Less Likely Important 7.8 6.8

Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

CVE-2022-21993

No No Less Likely Less Likely Important 7.5 6.5

Windows User Account Profile Picture Denial of Service Vulnerability

CVE-2022-22002

No No Less Likely Less Likely Important 5.5

4.8