Security News > 2022 > July > Microsoft July 2022 Patch Tuesday fixes exploited zero-day, 84 flaws
Today is Microsoft's July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws.
This month's Patch Tuesday fixes an actively exploited zero-day elevation of privileges vulnerability.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
The actively exploited zero-day vulnerability fixed today is tracked as 'CVE-2022-22047 - Windows CSRSS Elevation of Privilege Vulnerability.
"An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," explains Microsoft in an advisory published today.
Below is the complete list of resolved vulnerabilities and released advisories in the July 2022 Patch Tuesday updates.
News URL
Related news
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- August 2024 Patch Tuesday forecast: Looking for a calm August release (source)
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days (source)
- Microsoft Patched 6 Actively Exploited Zero-Day Flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-22047 | Untrusted Search Path vulnerability in Microsoft products Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 |