February 2022 Patch Tuesday Index

Don't miss a single vulnerability this Patch Tuesday. The latest patches and updates from Microsoft and multiple third-party applications can be found in February's Patch Tuesday Index below.

Microsoft released their lowest amount vulnerability fixes in recent memory this month, with a total of only 48. All are rated "High" with a lone fix being publicly disclosed, CVE-2022-21989.

Adobe released security bulletins for 5 of their products: Premier Rush, Illustrator, Photoshop, After Effects, and Creative Cloud Desktop Application. All were given Adobe Priority 3 and in total there were 17 CVEs.

Apple recently pushed out updates for a number of their products including fixes for 16 documented CVEs. Among these is an urgent iOS update in which Apple warned that one of the vulnerabilities, CVE-2022-22587, “may have been actively exploited.”

Google has released Chrome version 97.0.4692.99 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

Mozilla released 2 security advisories for Firefox 97 and Firefox ESR 91.6, both advisories were given the "High" rating. Between these 2 advisories, there are 13 CVEs addressed.

For a more detailed breakdown, visit our Automox Patch Tuesday Webinar: February 2022. Automox’s Eric Feldman and Adam Whitman review the latest security patches and how school systems are being especially impacted by cyber attacks in the new year.

Last Updated 1:40 PM ET - February 8, 2021.

firefox Mozilla Firefox
Product

Title

Identifier

Severity

Firefox 12 security vulnerabilities fixed in Firefox 97 MFSA 2022-04 High
Firefox ESR 12 security vulnerabilities fixed in Firefox ESR 91.6 MFSA 2022-05 High
adobe Adobe
Product

Title

Identifier

Severity

Adobe Premiere Rush 1 security vulnerability fixed in Premiere Rush APSB22-06 Adobe Priority 3
Adobe Illustrator 13 security vulnerabilities fixed in Illustrator APSB22-07 Adobe Priority 3
Adobe Photoshop 1 security vulnerability fixed in Photoshop APSB22-08 Adobe Priority 3
Adobe After Effects 1 security vulnerability fixed in After Effects APSB22-09 Adobe Priority 3
Adobe Creative Cloud Desktop Application 1 security vulnerability fixed in Creative Cloud Desktop Application APSB22-11 Adobe Priority 3
microsoft Microsoft
Product

Title

Identifier

Severity

Windows Kernel Windows Kernel Elevation of Privilege Vulnerability CVE-2022-21989 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2022-21844 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2022-21926 High
Microsoft Windows Codecs Library HEVC Video Extensions Remote Code Execution Vulnerability CVE-2022-21927 High
Microsoft Dynamics Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability CVE-2022-21957 High
Microsoft Teams Microsoft Teams Denial of Service Vulnerability CVE-2022-21965 High
Microsoft Office SharePoint Microsoft SharePoint Server Security Feature BypassVulnerability CVE-2022-21968 High
Windows Remote Procedure Call Runtime Windows Runtime Remote Code Execution Vulnerability CVE-2022-21971 High
Roaming Security Rights Management Services Roaming Security Rights Management Services Remote Code Execution Vulnerability CVE-2022-21974 High
Windows Common Log File System Driver Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2022-21981 High
Role: DNS Server Windows DNS Server Remote Code Execution Vulnerability CVE-2022-21984 High
Windows Remote Access Connection Manager Windows Remote Access Connection Manager Information Disclosure Vulnerability CVE-2022-21985 High
Kestrel Web Server Kestrel Web Server Denial of Service Vulnerability CVE-2022-21986 High
Microsoft Office SharePoint Microsoft SharePoint Server Spoofing Vulnerability CVE-2022-21987 High
Microsoft Office Visio Microsoft Office Visio Remote Code Execution Vulnerability CVE-2022-21988 High
Visual Studio Code Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability CVE-2022-21991 High
Windows Kernel Windows Mobile Device Management Remote Code Execution Vulnerability CVE-2022-21992 High
Windows Kernel-Mode Drivers Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability CVE-2022-21993 High
Windows DWM Core Library Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2022-21994 High
Role: Windows Hyper-V Windows Hyper-V Remote Code Execution Vulnerability CVE-2022-21995 High
Windows Win32K Win32k Elevation of Privilege Vulnerability CVE-2022-21996 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2022-21997 High
Windows Common Log File System Driver Windows Common Log File System Driver Information Disclosure Vulnerability CVE-2022-21998 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2022-21999 High
Windows Common Log File System Driver Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2022-22000 High
Windows Remote Access Connection Manager Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVE-2022-22001 High
Windows User Account Profile Windows User Account Profile Picture Denial of Service Vulnerability CVE-2022-22002 High
Microsoft Office Microsoft Office Graphics Remote Code Execution Vulnerability CVE-2022-22003 High
Microsoft Office Microsoft Office ClickToRun Remote Code Execution Vulnerability CVE-2022-22004 High
Microsoft Office SharePoint Microsoft SharePoint Server Remote Code Execution Vulnerability CVE-2022-22005 High
Microsoft Windows Codecs Library VP9 Video Extensions Remote Code Execution Vulnerability CVE-2022-22709 High
Windows Common Log File System Driver Windows Common Log File System Driver Denial of Service Vulnerability CVE-2022-22710 High
Role: Windows Hyper-V Windows Hyper-V Denial of Service Vulnerability CVE-2022-22712 High
Windows Named Pipe File System Named Pipe File System Elevation of Privilege Vulnerability CVE-2022-22715 High
Microsoft Office Excel Microsoft Excel Information Disclosure Vulnerability CVE-2022-22716 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2022-22717 High
Windows Print Spooler Components Windows Print Spooler Elevation of Privilege Vulnerability CVE-2022-22718 High
Microsoft Office Microsoft Office Information Disclosure Vulnerability CVE-2022-23252 High
Power BI Microsoft Power BI Elevation of Privilege Vulnerability CVE-2022-23254 High
Microsoft OneDrive Microsoft OneDrive for Android Security Feature Bypass Vulnerability CVE-2022-23255 High
Azure Data Explorer Azure Data Explorer Spoofing Vulnerability CVE-2022-23256 High
Microsoft Dynamics GP Microsoft Dynamics GP Spoofing Vulnerability CVE-2022-23269 High
Microsoft Dynamics GP Microsoft Dynamics GP Elevation Of Privilege Vulnerability CVE-2022-23271 High
Microsoft Dynamics GP Microsoft Dynamics GP Elevation Of Privilege Vulnerability CVE-2022-23272 High
Microsoft Dynamics GP Microsoft Dynamics GP Elevation Of Privilege Vulnerability CVE-2022-23273 High
Microsoft Dynamics GP Microsoft Dynamics GP Remote Code Execution Vulnerability CVE-2022-23274 High
SQL Server SQL Server for Linux Containers Elevation of Privilege Vulnerability CVE-2022-23276 High
Microsoft Office Outlook Microsoft Outlook for Mac Security Feature Bypass Vulnerability CVE-2022-23280 High

 

About Automox for IT Operations

Today’s IT leaders deserve better than tedious legacy tools to manage their infrastructure. From our single cloud-native platform, automate and scale your IT operations to meet the growing business demands of the modern workforce. With complete visibility of your entire environment, you can easily monitor, identify, and respond to issues in real-time across any endpoint, regardless of OS or location.

Demo Automox to see how you can immediately gain effortless command of your endpoints.

Dive deeper into this topic

loading...