Microsoft June 2022 Patch Tuesday: 55 fixes, remote code execution in abundance

Microsoft has released 55 security fixes that resolve critical issues including Remote Code Execution (RCE).

The Redmond giant’s latest round of patches, usually released on the second Tuesday of each month in what is known as Patch Tuesday, includes fixes for problems such as RCE vulnerabilities, information leaks, Elevation of Privilege (EoP), Use-After-Free issues, and out-of-bounds memory access.

Special Feature

Products impacted by June’s security update include the Windows operating system, Microsoft Office, Hyper-V Server, Azure, and Windows Defender. In total, three vulnerabilities are critical, one is moderate, and the rest are considered important.

Many of the vulnerabilities patched this month relate to remote code execution, but Microsoft says that there are no reports of active exploitation in the wild with the exception of an update to CVE-2022-30190, a Microsoft Windows Support Diagnostic Tool (MSDT) vulnerability made public in May

Also: Everything Microsoft revealed at its 2022 Xbox & Bethesda Showcase

Some of the most severe vulnerabilities resolved in this update are: 

CVE-2022-30136: CVSS 9.8, Windows Network File System RCE vulnerability. Attackers need to make an unauthenticated, crafted call to a Network File System (NFS) service to trigger the bug.CVE-2022-30163: CVSS 8.5, A Windows Hyper-V RCE vulnerability exploitable through a specially

Read More: