Tuesday, August 09, 2022

Microsoft August 2022 Security Updates

              

The Microsoft August 2022 security updates have been released and consist of 151 CVEs.  Of these CVEs, 17 are rated critical, 102 rated important, 1 rated moderate, and 1 rated low in severity.  At the time of release, two are listed as publicly known and one is listed as under active attack.

The security updates apply to the following products, features, and roles: .NET Core, Active Directory Domain Services, Azure Batch Node Agent, Azure Real Time Operating System, Azure Site Recovery, Azure Sphere, Microsoft ATA Port Driver, Microsoft Bluetooth Driver, Microsoft Edge (Chromium-based), Microsoft Exchange Server, Microsoft Office, Microsoft Office Excel, Microsoft Office Outlook, Microsoft Windows Support Diagnostic Tool (MSDT), Remote Access Service Point-to-Point Tunneling Protocol, Role: Windows Fax Service, Role: Windows Hyper-V, System Center Operations Manager, Visual Studio, Windows Bluetooth Service, Windows Canonical Display Driver, Windows Cloud Files Mini Filter Driver, Windows Defender Credential Guard, Windows Digital Media, Windows Error Reporting, Windows Hello, Windows Internet Information Services, Windows Kerberos, Windows Kernel, Windows Local Security Authority (LSA), Windows Network File System, Windows Partition Management Driver, Windows Point-to-Point Tunneling Protocol, Windows Print Spooler Components, Windows Secure Boot, Windows Secure Socket Tunneling Protocol (SSTP), Windows Storage Spaces Direct, Windows Unified Write Filter, Windows WebBrowser Control, and Windows Win32K.

See the long list of KBs at the bottom of the page at August 2022 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds. 

Recommended Reading:   See Dustin Childs review and analysis in Zero Day Initiative -- The August 2022 Security Update Review.

 

Additional Update Notes:

 

References




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...




 

Adobe Acrobat DC and Reader DC Security Updates Released

      

Adobe
Adobe has released updates for Adobe Acrobat DC and Reader DC for Windows and macOS. 

These updates address multiple critical, and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak.  
 
Release date: August 9, 2022
Vulnerability identifier: APSB22-39
Platform: Windows and MacOS

Update or Complete Download

Reader DC and Acrobat DC were updated to version 22.001.20191 for Windows.  Updates should become available via the internal updater or checks can be manually activated by choosing Help/Check for Updates.  

Reader DC and other versions are available here: https://get.adobe.com/reader/

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

References
Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Mozilla Firefox Version 103.0.2 Released

  FirefoxMozilla sent Firefox Version 103.0.2 to the release channel today.  

Fixed

  • Fixed menu shortcuts for users of the JAWS screen reader.
  • Fixed an occasional non-overridable certificate error when accessing device configuration pages.
  • Fixed an issue with Picture-in-Picture displaying in fullscreen on macOS.


Release Notes




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...