Security News > 2022 > June > Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws

Today is Microsoft's June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows MSDT 'Follina' zero-day vulnerability and new Intel MMIO flaws.
Microsoft has fixed the widely-exploited Windows Follina MSDT zero-day vulnerability tracked as CVE-2022-30190 in the June 2022 Updates.
Last month, a new Windows zero-day vulnerability was discovered in attacks that executed malicious PowerShell commands via the Windows Microsoft Diagnostic Tool.
While Microsoft released mitigations for the vulnerability, they would not say if they would patch it.
Today, Microsoft released a security update for the Windows MSDT vulnerability, and it is included in the June 2022 cumulative updates or in a standalone security update for Windows Server.
Below is the complete list of resolved vulnerabilities and released advisories in the June 2022 Patch Tuesday updates.
News URL
Related news
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-01 | CVE-2022-30190 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. | 0.0 |