Tripwire's December 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.
First on the patch priority list this month are patches for Microsoft Edge, which resolve over 25 issues including use-after-free, type confusion, insufficient data validation, insufficient policy enforcement, and other vulnerabilities.
Next are patches for Microsoft Office, Outlook, OneNote, and Visio that resolve 8 vulnerabilities, including remote code execution and elevation of privilege vulnerabilities.
Up next are patches that affect components of the core Windows operating system. These patches resolve over 30 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, Fax Service, Print Spooler, Secure Socket Tunneling Protocol, Graphics, Bluetooth Driver, WSL2, CSRSS, and others.
Next is a patch for .NET that resolves a remote code execution vulnerability.
Lastly, administrators should focus on server-side patches for SharePoint, Hyper-V, and Dynamics. These patches resolve denial of service and remote code execution vulnerabilities.
|
BULLETIN |
CVE |
|
CVE-2022-4440,CVE-2022-4439,CVE-2022-4438,CVE-2022-4437,CVE-2022-4436,CVE-2022-4175,CVE-2022-4174,CVE-2022-4177,CVE-2022-4195,CVE-2022-4194,CVE-2022-4179,CVE-2022-4178,CVE-2022-4191,CVE-2022-4190,CVE-2022-4193,CVE-2022-4192,CVE-2022-4188,CVE-2022-4189,CVE-2022-4180,CVE-2022-4181,CVE-2022-4182,CVE-2022-4183,CVE-2022-4184,CVE-2022-4185,CVE-2022-4186,CVE-2022-4187 |
|
|
CVE-2022-44692 |
|
|
CVE-2022-44713, CVE-2022-24480 |
|
|
CVE-2022-44696, CVE-2022-44695, CVE-2022-44694 |
|
|
CVE-2022-44691 |
|
|
CVE-2022-44670, CVE-2022-44676, CVE-2022-44669, CVE-2022-44678, CVE-2022-44704, CVE-2022-44710, CVE-2022-41076, CVE-2022-44687, CVE-2022-44667, CVE-2022-44668, CVE-2022-26805, CVE-2022-26806, CVE-2022-26804, CVE-2022-47212, CVE-2022-47213, CVE-2022-47211, CVE-2022-44671, CVE-2022-41121, CVE-2022-44680, CVE-2022-44697, CVE-2022-44679, CVE-2022-41074, CVE-2022-44707, CVE-2022-44683, CVE-2022-44675, CVE-2022-44674, CVE-2022-44673, CVE-2022-44677, CVE-2022-44689, CVE-2022-44698, CVE-2022-41077, CVE-2022-44666, CVE-2022-44681, CVE-2022-44702 |
|
|
CVE-2022-41089 |
|
|
CVE-2022-44693, CVE-2022-44690 |
|
|
CVE-2022-44682, CVE-2022-41094 |
|
|
CVE-2022-41127 |
