Security News > 2022 > June > Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws

Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws
2022-06-14 17:45

Today is Microsoft's June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows MSDT 'Follina' zero-day vulnerability and new Intel MMIO flaws.

Microsoft has fixed the widely-exploited Windows Follina MSDT zero-day vulnerability tracked as CVE-2022-30190 in the June 2022 Updates.

Last month, a new Windows zero-day vulnerability was discovered in attacks that executed malicious PowerShell commands via the Windows Microsoft Diagnostic Tool.

While Microsoft released mitigations for the vulnerability, they would not say if they would patch it.

Today, Microsoft released a security update for the Windows MSDT vulnerability, and it is included in the June 2022 cumulative updates or in a standalone security update for Windows Server.

Below is the complete list of resolved vulnerabilities and released advisories in the June 2022 Patch Tuesday updates.


News URL

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2022-patch-tuesday-fixes-1-zero-day-55-flaws/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-06-01 CVE-2022-30190 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word.
local
low complexity
microsoft CWE-610
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774