Microsoft 8 lutego 2022 roku wydał nowy pakiet aktualizacji bezpieczeństwa w ramach comiesięcznego Patch Tuesday. Wydano łącznie 126 poprawki bezpieczeństwa, w tym 6 oznaczonych jako krytyczne.
Description |
|||||||
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) |
CVSS Temporal (AVG) |
.NET Denial of Service Vulnerability |
|||||||
CVE-2022-21986 | No | No | Less Likely | Less Likely | Important | 7.5 |
6.5 |
Azure Data Explorer Spoofing Vulnerability |
|||||||
CVE-2022-23256 | No | No | Less Likely | Less Likely | Important | 8.1 |
7.1 |
Chromium: CVE-2022-0452 Use after free in Safe Browsing |
|||||||
CVE-2022-0452 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0453 Use after free in Reader Mode |
|||||||
CVE-2022-0453 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0454 Heap buffer overflow in ANGLE |
|||||||
CVE-2022-0454 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0455 Inappropriate implementation in Full Screen Mode |
|||||||
CVE-2022-0455 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0456 Use after free in Web Search |
|||||||
CVE-2022-0456 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0457 Type Confusion in V8 |
|||||||
CVE-2022-0457 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0458 Use after free in Thumbnail Tab Strip |
|||||||
CVE-2022-0458 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0459 Use after free in Screen Capture |
|||||||
CVE-2022-0459 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0460 Use after free in Window Dialog |
|||||||
CVE-2022-0460 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0461 Policy bypass in COOP |
|||||||
CVE-2022-0461 | No | No | – | – |
– |
||
Chromium: CVE-2022-0462 Inappropriate implementation in Scroll |
|||||||
CVE-2022-0462 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0463 Use after free in Accessibility |
|||||||
CVE-2022-0463 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0464 Use after free in Accessibility |
|||||||
CVE-2022-0464 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0465 Use after free in Extensions |
|||||||
CVE-2022-0465 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0466 Inappropriate implementation in Extensions Platform |
|||||||
CVE-2022-0466 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0467 Inappropriate implementation in Pointer Lock |
|||||||
CVE-2022-0467 | No | No | – | – |
– |
||
Chromium: CVE-2022-0468 Use after free in Payments |
|||||||
CVE-2022-0468 | No | No | – | – | – |
|
|
Chromium: CVE-2022-0469 Use after free in Cast |
|||||||
CVE-2022-0469 | No | No | – | – |
– |
||
Chromium: CVE-2022-0470 Out of bounds memory access in V8 |
|||||||
CVE-2022-0470 | No | No | – | – | – |
|
|
HEVC Video Extensions Remote Code Execution Vulnerability |
|||||||
CVE-2022-21844 | No | No | Less Likely | Less Likely | Important | 7.8 |
6.8 |
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
CVE-2022-21927 | No | No | Unlikely | Unlikely | Important | 7.8 |
6.8 |
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability |
|||||||
CVE-2022-21957 | No | No | Less Likely | Less Likely | Important | 7.2 |
6.3 |
Microsoft Dynamics GP Elevation Of Privilege Vulnerability |
|||||||
CVE-2022-23271 | No | No | Less Likely | Less Likely | Important | 6.5 |
5.7 |
No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 | |
CVE-2022-23273 | No | No | Less Likely | Less Likely | Important | 7.1 |
6.2 |
Microsoft Dynamics GP Remote Code Execution Vulnerability |
|||||||
CVE-2022-23274 | No | No | Less Likely | Less Likely | Important | 8.3 |
7.2 |
Microsoft Dynamics GP Spoofing Vulnerability |
|||||||
CVE-2022-23269 | No | No | Less Likely | Less Likely | Important | 6.9 |
6.0 |
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
|||||||
CVE-2022-23262 | No | No | Less Likely | Less Likely | Important | 6.3 |
5.5 |
No | No | Less Likely | Less Likely | Important | 7.7 | 6.7 | |
Microsoft Edge (Chromium-based) Tampering Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Moderate | 5.3 | 4.6 | |
Microsoft Excel Information Disclosure Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 | |
Microsoft Office ClickToRun Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
Microsoft Office Graphics Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
Microsoft Office Information Disclosure Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 | |
Microsoft Office Visio Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
Microsoft OneDrive for Android Security Feature Bypass Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.9 | 5.2 | |
Microsoft Outlook for Mac Security Feature Bypass Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 | |
Microsoft Power BI Elevation of Privilege Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 4.9 | 4.3 | |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
|||||||
No | No | More Likely | More Likely | Important | 8.8 | 7.7 | |
Microsoft SharePoint Server Security Feature BypassVulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 4.3 | 3.8 | |
Microsoft SharePoint Server Spoofing Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 8.0 | 7.0 | |
Microsoft Teams Denial of Service Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 | |
Named Pipe File System Elevation of Privilege Vulnerability |
|||||||
No | No | More Likely | More Likely | Important | 7.8 | 6.8 | |
Roaming Security Rights Management Services Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
SQL Server for Linux Containers Elevation of Privilege Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
VP9 Video Extensions Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 | |
Win32k Elevation of Privilege Vulnerability |
|||||||
No | No | – | – | Important | 7.8 | 6.8 | |
Windows Common Log File System Driver Denial of Service Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 | |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
|||||||
No | No | More Likely | More Likely | Important | 7.8 | 6.8 | |
CVE-2022-22000 | No | No | More Likely | More Likely | Important | 7.8 |
6.8 |
Windows Common Log File System Driver Information Disclosure Vulnerability |
|||||||
CVE-2022-21998 | No | No | Less Likely | Less Likely | Important | 5.5 |
4.8 |
Windows DNS Server Remote Code Execution Vulnerability |
|||||||
CVE-2022-21984 | No | No | Less Likely | Less Likely | Important | 8.1 |
7.7 |
Windows DWM Core Library Elevation of Privilege Vulnerability |
|||||||
CVE-2022-21994 | No | No | More Likely | More Likely | Important | 7.8 |
6.8 |
Windows Hyper-V Denial of Service Vulnerability |
|||||||
CVE-2022-22712 | No | No | Less Likely | Less Likely | Important | 5.6 |
4.9 |
Windows Hyper-V Remote Code Execution Vulnerability |
|||||||
CVE-2022-21995 | No | No | Less Likely | Less Likely | Important | 7.9 |
6.9 |
Windows Kernel Elevation of Privilege Vulnerability |
|||||||
CVE-2022-21989 | Yes | No | More Likely | More Likely | Important | 7.8 |
7.0 |
Windows Mobile Device Management Remote Code Execution Vulnerability |
|||||||
CVE-2022-21992 | No | No | Less Likely | Less Likely | Important | 7.8 |
6.8 |
Windows Print Spooler Elevation of Privilege Vulnerability |
|||||||
CVE-2022-22717 | No | No | Less Likely | Less Likely | Important | 7.0 |
6.1 |
No | No | More Likely | More Likely | Important | 7.8 | 6.8 | |
CVE-2022-21997 | No | No | Less Likely | Less Likely | Important | 7.2 |
6.2 |
No | No | More Likely | More Likely | Important | 7.8 | 6.8 | |
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
Windows Remote Access Connection Manager Information Disclosure Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 | |
Windows Runtime Remote Code Execution Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 | |
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 | |
Windows User Account Profile Picture Denial of Service Vulnerability |
|||||||
No | No | Less Likely | Less Likely | Important | 5.5 |
4.8 |