Tripwire Patch Priority Index for June 2022

Tripwire’s June 2022 Patch Priority Index (PPI) incorporates critical vulnerabilities from Microsoft.

First on this month’s patch priority list is a patch for a remote code execution vulnerability in Edge.

The following patches for Office and Excel resolve three information disclosure vulnerabilities and one remote code execution vulnerability.

The following patches affect components of the Windows operating system. They address more than 25 vulnerabilities, including elevation of privilege, information disclosure, security feature bypass, remote code execution, and denial of service vulnerabilities. These vulnerabilities affect core Windows, kernel, media center, print spooler, LSA, network file system, Kerberos, and more.

Here is a patch for .NET and Visual Studio that addresses the information disclosure vulnerability.

The following patches address information disclosure vulnerabilities in various Intel CPU families.

Finally, administrators should focus on server-side patches for Hyper-V, LDAP, SharePoint, SQL Server, and Remote Volume Shadow Copy Service (RVSS). This addresses remote code execution and elevation of privilege vulnerabilities.

circular	CVE
Microsoft Edge (Chromium-based)	CVE-2022-22021
microsoft office	CVE-2022-30172, CVE-2022-30171, CVE-2022-30159, CVE-2022-30174
Microsoft Office Excel	CVE-2022-30173
Microsoft Windows	CVE-2022-30131, CVE-2022-30135, CVE-2022-30147, CVE-2022-30136, CVE-2022-30148, CVE-2022-30140, CVE-2022-301267 C2022-29119, CVE-2022-29111 , CVE-2022-22018, CVE-2022-30188, CVE-2022-30151, CVE-2022-30155, CVE-2022-30162, CVE-2022-30162, C30150, CVE-2022-30166, CVE-2022-30142 , CVE-2022-30189, CVE-2022-30164, CVE-2022-320165, CVE-2022-30145, CVE-2102 CVE-2022-32230
.NET and Visual Studio	CVE-2022-30184
Intel	CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166
Role: Windows Hyper-V	CVE-2022-30163
Remote Volume Shadow Copy Service (RVSS)	CVE-2022-30154
microsoft office sharepoint	CVE-2022-30157, CVE-2022-30158
Windows LDAP – Lightweight Directory Access Protocol	CVE-2022-30149, CVE-2022-30141, CVE-2022-30143, CVE-2022-30161, CVE-2022-30146, CVE-2022-30139, CVE-2022-30153

Source

Tripwire Patch Priority Index for June 2022

CISO to BISO – What’s your next role?

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day – Naked Security

A flaw in OpenSSH forwarded ssh-agent allows remote code executionSecurity Affairs

Experts warn of OSS supply chain attacks on the banking sectorSecurity Affairs

CISO to BISO – What’s your next role?

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day – Naked Security

A flaw in OpenSSH forwarded ssh-agent allows remote code executionSecurity Affairs

Experts warn of OSS supply chain attacks on the banking sectorSecurity Affairs

Editor Picks

Heimdal® Threat Prevention Adds New DNS over HTTPS & Hybrid DNS Features

VERT Reads All About It – Cybersecurity News March 27, 2023

Apple patches everything, including a zero-day fix for iOS 15 users – Naked Security

Must read

18 cybersecurity startups to watch

Microsoft’s Autopatch feature improves the patch management processSecurity Affairs

Not Feeling it Tonight? Here’s The Ultimate List of Safe Porn Sites.

Popular categories