San Francisco, Aug 11 : Tech giant Microsoft has released patches for 141 bugs in the August 2022 Patch update, which also addresses two previously unidentified (zero-day) bugs, of which one is actively exploited.The total patch number of the August 2022 Patch update contains 20 bugs in Edge which Microsoft has previously issued fixes to, but leaves 121 flaws that affect Windows, Office, Azure, .NET Core, Visual Studio and Exchange Server, reports ZDNet.
The Zero Day Initiative noted that the number of fixes that have been released in the month of July is “markedly more” than was anticipated in the August release.
“It is nearly three times the size of the August release of last year and is the second-largest release of the year,” the bug hunting group was quoted as saying.
Microsoft has fixed 17 serious flaws as well as 102 critical bugs this month throughout.
These fixes fix 64 levels of privilege flaws as well as 32 remote code execution flaws and vulnerabilities in information disclosure and security feature bypasses.
Additionally 34 of this month’s fixes address issues in Azure Site Recovery, Microsoft’s disaster recovery toolset that is available for the cloud.
The bug that is actively exploited is an issue with remote code execution that affects the Microsoft Windows Support Diagnostic Tool (MSDT) that is identified as CVE-2022-34713.
According to Microsoft it is related to a bug that security researchers call “Dogwalk”.
Researchers have reported the Dogwalk bug to Microsoft in early 2020 , but Microsoft did not take action until May as attackers began exploiting MSDT using infected Word documents.
The company in the month of June issued the CVE-2022-30190 identifier with mitigation measures that were followed by an update in the middle of June and additional defense-in-depth measures in July.
vc/
.
