Tripwire's July 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe.
First on the patch priority list this month are patches that resolve 2 vulnerabilities in Edge.
Next is a patch that resolves a security feature bypass vulnerability in Office.
Up next are patches for Adobe Reader and Acrobat that resolve 22 issues including arbitrary code execution and memory leak vulnerabilities.
Up next are patches that affect components of the Windows operating systems. These patches resolve over 35 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, Kernel, Media Center, Print Spooler, Network File System, Advanced Local Procedure Call, Graphics, GDI+, CSRSS, BitLocker, and others.
Lastly, administrators should focus on server-side patches for Hyper-V, Network File System (NFS), Skype for Business and Microsoft Lync, Server Service, Active Directory, IIS, and DNS. These resolve remote code execution, elevation of privilege, Information Disclosure, Tampering, and Denial of Service vulnerabilities.
BULLETIN |
CVE |
CVE-2022-2294, CVE-2022-2295 |
|
CVE-2022-33632 |
|
CVE-2022-34232,CVE-2022-34215,CVE-2022-34233,CVE-2022-34216,CVE-2022-34217,CVE-2022-34219,CVE-2022-34220,CVE-2022-34234,CVE-2022-34221,CVE-2022-34236,CVE-2022-34239,CVE-2022-34238,CVE-2022-34237,CVE-2022-34222,CVE-2022-34223,CVE-2022-34224,CVE-2022-34225,CVE-2022-34226,CVE-2022-34227,CVE-2022-34228,CVE-2022-34229,CVE-2022-34230 |
|
CVE-2022-22048, CVE-2022-22711, CVE-2022-22023, CVE-2022-30225, CVE-2022-22045, CVE-2022-30205, CVE-2022-22026, CVE-2022-22047, CVE-2022-22049, CVE-2022-23816, CVE-2022-23825, CVE-2022-22036, CVE-2022-30213, CVE-2022-22034, CVE-2022-30221, CVE-2022-33644, CVE-2022-30208, CVE-2022-21845, CVE-2022-30211, CVE-2022-22038, CVE-2022-30222, CVE-2022-22031, CVE-2022-30220, CVE-2022-30203, CVE-2022-30202, CVE-2022-22037, CVE-2022-30224, CVE-2022-30212, CVE-2022-30206, CVE-2022-22022, CVE-2022-22041, CVE-2022-30226, CVE-2022-22043, CVE-2022-33637, CVE-2022-22024, CVE-2022-22027, CVE-2022-22050 |
|
CVE-2022-22042, CVE-2022-30223 |
|
CVE-2022-22028, CVE-2022-22029, CVE-2022-22039 |
|
CVE-2022-33633 |
|
CVE-2022-30216 |
|
CVE-2022-30215 |
|
CVE-2022-22040, CVE-2022-30209, CVE-2022-22025 |
|
CVE-2022-30214 |
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.