52 CVEs got addressed through the December 2022 Patch Tuesday
Here we are, in December, and instead of receiving Christmas carols or gifts in our stockings, Microsoft is giving us another batch of security updates for the Windows operating system.
It’s the second Tuesday of the month, which means that Windows users are looking towards Microsoft in hopes that some of the flaws they’ve been struggling with will finally get fixed.
We’ve already provided the direct download links for the cumulative updates released today for Windows 7, 8.1, 10, and 11, but now it’s time to talk about Common Vulnerabilities and Exposures again.
For December, Microsoft released 52 new patches, which is a lot more than some people were expecting right before we switch to 2023.
These software updates address CVEs in:
- Microsoft Windows and Windows Components
- Azure
- Office and Office Components
- SysInternals
- Microsoft Edge (Chromium-based)
- SharePoint Server
- .NET Framework
We got 52 new fixes in December 2022’s Patch Tuesday rollout
It’s safe to say that this was neither the busiest nor the lightest month for Redmond-based security experts, so we should be sort of glad.
You might like to know that, out of the 52 new CVEs released, six are rated Critical, 43 are rated Important, and three are rated Moderate in severity.
And, if you are looking for an overall picture of 2022, know that it was actually Microsoft’s second busiest year ever, with the company fixing over 900 CVEs in total.
Out of all the vulnerabilities addressed this month, one of the new CVEs is listed as publicly known, and one is listed as being in the wild at the time of release.
You might want to remember that these types of bugs are often wrapped into some form of social engineering attack, such as convincing someone to open a file or click a link.
Let’s take a closer look at the full list of CVEs released by Microsoft for December 2022:
CVE | Title | Severity | CVSS | Public | Exploited | Type |
CVE-2022-44698 | Windows SmartScreen Security Feature Bypass Vulnerability | Moderate | 5.4 | No | Yes | SFB |
CVE-2022-44710 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | EoP |
CVE-2022-41127 | Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | Critical | 8.5 | No | No | RCE |
CVE-2022-44690 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | RCE |
CVE-2022-44693 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | RCE |
CVE-2022-41076 | PowerShell Remote Code Execution Vulnerability | Critical | 8.5 | No | No | RCE |
CVE-2022-44670 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
CVE-2022-44676 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
CVE-2022-41089 | .NET Framework Remote Code Execution Vulnerability | Important | 8.8 | No | No | RCE |
CVE-2022-44699 | Azure Network Watcher Agent Security Feature Bypass Vulnerability | Important | 4.4 | No | No | SFB |
CVE-2022-44708 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Important | 8.3 | No | No | EoP |
CVE-2022-41115 | Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability | Important | 6.6 | No | No | EoP |
CVE-2022-26804 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-26805 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-26806 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44692 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-47211 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-47212 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-47213 | Microsoft Office Graphics Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44691 | Microsoft Office OneNote Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44694 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44695 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44696 | Microsoft Office Visio Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44713 | Microsoft Outlook for Mac Spoofing Vulnerability | Important | 7.5 | No | No | Spoofing |
CVE-2022-44704 | Microsoft Windows Sysmon Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-24480 | Outlook for Android Elevation of Privilege Vulnerability | Important | 6.3 | No | No | EoP |
CVE-2022-44687 | Raw Image Extension Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44675 | Windows Bluetooth Driver Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44674 | Windows Bluetooth Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
CVE-2022-44673 | Windows Client Server Run-Time Subsystem (CSRSS) Elevation of Privilege Vulnerability | Important | 7 | No | No | EoP |
CVE-2022-44666 | Windows Contacts Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44669 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | 7 | No | No | EoP |
CVE-2022-41077 | Windows Fax Compose Form Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-41121 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44671 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44680 | Windows Graphics Component Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-41074 | Windows Graphics Component Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
CVE-2022-44679 | Windows Graphics Component Information Disclosure Vulnerability | Important | 6.5 | No | No | Info |
CVE-2022-44682 | Windows Hyper-V Denial of Service Vulnerability | Important | 6.8 | No | No | DoS |
CVE-2022-41094 | Windows Hyper-V Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44707 | Windows Kernel Denial of Service Vulnerability | Important | 6.5 | No | No | DoS |
CVE-2022-44683 | Windows Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44667 | Windows Media Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44668 | Windows Media Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44678 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44681 | Windows Print Spooler Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44677 | Windows Projected File System Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44689 | Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability | Important | 7.8 | No | No | EoP |
CVE-2022-44702 | Windows Terminal Remote Code Execution Vulnerability | Important | 7.8 | No | No | RCE |
CVE-2022-44684 | Windows Local Session Manager (LSM) Denial of Service Vulnerability | Important | 6.5 | No | No | DoS |
CVE-2022-44688 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Moderate | 4.3 | No | No | Spoofing |
CVE-2022-44697 | Windows Graphics Component Elevation of Privilege Vulnerability | Moderate | 7.8 | No | No | EoP |
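A list like this can be triaged mechanically. The Python below is an added example, not part of the original article: it parses rows in the layout used above (a subset is embedded as sample input) and orders them so that exploited and publicly known entries come first. The ordering rule and all function names are assumptions made for illustration, not Microsoft guidance.

```python
from dataclasses import dataclass

# Subset of the rows above, kept in the page's pipe-delimited layout.
SAMPLE_ROWS = """\
CVE | Title | Severity | CVSS | Public | Exploited | Type |
CVE-2022-44698 | Windows SmartScreen Security Feature Bypass Vulnerability | Moderate | 5.4 | No | Yes | SFB |
CVE-2022-44710 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important | 7.8 | Yes | No | EoP |
CVE-2022-41076 | PowerShell Remote Code Execution Vulnerability | Critical | 8.5 | No | No | RCE |
CVE-2022-44670 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | Critical | 8.1 | No | No | RCE |
CVE-2022-44690 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | 8.8 | No | No | RCE |
CVE-2022-44674 | Windows Bluetooth Driver Information Disclosure Vulnerability | Important | 5.5 | No | No | Info |
"""
SEVERITY_RANK = {"Critical": 3, "Important": 2, "Moderate": 1, "Low": 0}

@dataclass(frozen=True)
class Advisory:
    cve: str
    title: str
    severity: str
    cvss: float
    public: bool
    exploited: bool
    kind: str

def parse_rows(text):
    """Parse 'CVE | Title | Severity | CVSS | Public | Exploited | Type |' rows."""
    advisories = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().rstrip("|").split("|")]
        # Skip blank lines, the header row and anything malformed.
        if len(cells) != 7 or not cells[0].startswith("CVE-"):
            continue
        cve, title, severity, cvss, public, exploited, kind = cells
        advisories.append(Advisory(cve, title, severity, float(cvss),
                                   public == "Yes", exploited == "Yes", kind))
    return advisories

def triage(advisories):
    """Assumed priority: exploited, then public, then severity, then CVSS."""
    key = lambda a: (a.exploited, a.public, SEVERITY_RANK.get(a.severity, 0), a.cvss)
    return sorted(advisories, key=key, reverse=True)

def by_cvss(advisories):
    """Naive ordering on the CVSS score alone, for comparison."""
    return sorted(advisories, key=lambda a: a.cvss, reverse=True)

if __name__ == "__main__":
    for a in triage(parse_rows(SAMPLE_ROWS)):
        print(f"{a.cve}  {a.severity:<9} {a.cvss:>4}  {a.kind}")
```

On this sample, sorting by CVSS alone puts the SmartScreen bypass, the only entry marked as exploited, at the bottom of the list, while `triage` puts it at the top.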
The PowerShell Remote Code Execution Vulnerability is nothing to take lightly. This Critical-rated bug could actually allow an authenticated user to escape the PowerShell Remoting Session Configuration and run unapproved commands on an affected system.
Malicious third parties often try to live off the land after an initial breach, which means that they use tools already on a system to maintain access and move throughout a network.
PowerShell is one such tool, so any bug that bypasses its active restrictions is likely to be abused by unwanted guests.
As for the remaining Critical-rated fixes, there are two patches for the older Secure Socket Tunneling Protocol (SSTP).
According to Microsoft, both could allow a remote, unauthenticated threat actor to get code execution on an affected system by sending a specially crafted connection request to a server with the RAS Server role enabled.
There are 16 other remote code execution bugs getting fixes this December, packed along with 18 other patches addressing Elevation of Privilege (EoP) bugs.
Let’s also mention the one new advisory (ADV220005) this month, which provides additional guidance on third-party drivers that appear to be certified by the Microsoft Windows Hardware Developer Program.
The tech company stated that the drivers that appear to have been certified by this program have been seen in the wild in post-exploitation activity.
Have you found any other issues after installing this month’s security updates? Share your experience with us in the comments section below.