Patch Tuesday July 2022 

Jordan Hammond fun headshot
Jordan Hammond|July 12, 2022
Patch Tuesday July 2022
Patch Tuesday July 2022

Get your score cards out, it is time to cover a brand-new Patch Tuesday! We are looking at 84 patches closed, with four being critical, and an additional patch that's already been exploited.

From my initial pass, the critical issues are less extreme than usual, but that does not mean they are not critical threats. Overall, we are seeing a total increase in patches over the last month, but we do not have a horrific zero-day to start the month either. This is the second consecutive month where things look better than the month before. That is officially a trend of positive news! Now let us dive into the bad. 

Some highlights (or lowlights)

  • CVE-2022-22047: What better place to start than the already exploited vulnerability. This exploit allows the attacker to get system privileges using the Client Server Run-Time SubSystem (CSRSS). It has a local attack vector, so while not considered critical, it is still a concern. 

  • CVE-2022-30221: This exploit is the highest rated critical vulnerability that was closed. It allows an attacker to run code through the Windows Graphic Component of RDP. While it does not require privileges, it does require a user to click on a link to a malicious RDP server. As users never click on phishing emails, I am sure you are completely safe.... On second thought, maybe patch anyway? 

  • CVE-2022-22039: Network File System as a critical patch is becoming a monthly thing. While it is not fun that it is back, the bright side is that this time it is only a 7.5. It requires low privileges and no user interaction, so that's bad. The good thing is the complexity of this one is rated high. The high rating is because for this to be effective they must win a race condition.  

Wrapping up

That is it for July. It is nice to have a positive trend over the last few months. Who has time to breach security with all this pleasant weather we have? We have nothing rated above a 9.0, the known exploit is limited to local attack vector, and high complexity for a few of the critical exploits makes for a downright pleasant month. Automating your patching with PDQ Deploy and PDQ Inventory will make your Patch Tuesday much less painful.

Jordan Hammond fun headshot
Jordan Hammond

Jordan had spent his life wondering why tasks he didn’t like to do had no options to complete themselves. Eventually he had to make that happen on his own. It turned out that he enjoyed making tasks complete themselves, and PDQ thought that is something he should talk about on the internet while drinking most Thursdays on the PDQ webcast.

Related articles