Today is the second Tuesday of July 2022 and it’s time to check out the latest security updates from Microsoft. As part of this month’s patch update, Microsoft Fixes 84 Security Flaws, where four of them are classified as ‘Critical’ as they allow remote code execution. Among the 84 bugs fixed today, it comes fixes for one actively exploited zero-day elevation of privileges vulnerability. Earliar this month the company also released two (2) Microsoft Edge (Chromium-Based) security updates as well.
Patch Tuesday updates are cumulative updates that usually only include minor patches and security fixes.
Microsoft July 2022 Patch Tuesday
With todays update Microsoft patch several flaws in its software, including Denial of Service (DoS), Elevation of Privilege, Information Disclosure, Microsoft Edge (Chromium-based), Remote Code Execution (RCE), Security Feature Bypass, and Tampering.
The number of bugs in each vulnerability category is listed below:
- 52 Elevation of Privilege Vulnerabilities
- 4 Security Feature Bypass Vulnerabilities
- 12 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 5 Denial of Service Vulnerabilities
The actively exploited zero-day vulnerability fixed today is tracked as ‘CVE-2022-22047 – Windows Client Server Runtime Subsystem CSRSS Elevation of Privilege Vulnerability.’ An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. (Article 5015874)
Besides CVE-2022-22047, two more elevations of privilege flaws have been fixed in the same component — CVE-2022-22026 (CVSS score: 8.8) and CVE-2022-22049 (CVSS score: 7.8) — that were reported by Google Project Zero researcher Sergei Glazunov.
Recent updates from other companies
Other vendors who released updates in July 2022 include:
- Adobe released security updates for Reader, Acrobat, Photoshop, RoboHelp, and Character and Animator.
- Cisco released security updates for numerous products this month.
- Google released Android’s July security updates, as well as updates for Google Chrome that fixed a zero-day.
- Intel has released an advisory on the new Retbleed vulnerabilities.
- SAP has released its July 2022 Patch Day updates.
- VMware released security updates.
Windows security updates
In addition to Microsoft security updates, this Patch Tuesday also brought Windows 11 and Windows 10 cumulative updates. That includes KB5015814 (OS Build 22000.795) for windows 11 and KB5015807 (OS Builds 19044.1826) for windows 10 version 21H2. So if you are running any of these windows versions make sure you update them as you install the new patches.
Windows 11 KB5015814
With todays update KB5015814 for Windows 11, Microsoft brings search highlights feature that displays a colorful icon in the Windows 11 search bar. And If you hover the mouse over the icon a news overview of an interesting moment of what’s special about each day opens.
In addition to search highlight, today’s update also Addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any output of the command. Consequently, the decrypted password is lost.
Some more bug fixes and improvements inlucde:
- Addresses an issue that might prevent you from upgrading to Windows 11 (original release)
-
Addresses an issue that might prevent you from playing video clips in some games.
- Addresses an issue that causes certain games to stop working if they use certain audio technology to play sound effects.
- Addresses an issue that prevents Bluetooth from reconnecting to some audio devices after you restart the devices.
- Changes the name of the Your Phone app to Phone Link on the Settings page.
- Addresses an issue that causes the Microsoft Surface Dial customization settings page to stop working.
- Addresses a known issue that might prevent you from using the Wi-Fi hotspot feature.
You can read the complete changelog Microsoft support blog here.
Windows 10 KB5015807
Cumulative update KB5015807 for Windows 10 also Addresses security issues for your Windows operating system.
- Addresses an issue that redirects the PowerShell command output so that transcript logs do not contain any output of the command. Consequently, the decrypted password is lost.
- Addresses an issue that prevents the Pashto language from appearing in the language list.
-
Addresses an issue that affects the touchpad area that responds to a right-click (the right-click zone).
- Addresses a known issue that might prevent you from using the Wi-Fi hotspot feature.
-
Addresses a known issue that might prevent the Snip & Sketch app from capturing a screenshot or from opening using the keyboard shortcut (Windows logo key+Shift+S).
You can read the complete changelog Microsoft support blog here.
Download Windows 10 Cumulative update
All these Security updates Automatically download and get installed on your device via Windows update. If your device has not received yet open settings, Update & Security and Check for updates. Once done restart your Device to apply the updates.
If you face any difficulty while installing these updates check how to fix Windows 10 Update installation problems.
Also Read:
- WiFi disconnects automatically after windows 10 update? Try these solutions
- How To Flush and Reset the DNS Cache in Windows 10
- How To Uninstall Windows 10 Built-in apps with PowerShell
- Automatically Disable the touchpad when the mouse is connected windows 10
- Download Latest Windows 10 version 21H2 ISO (Direct from Microsoft server)