Patch Tuesday October 2022

The second Tuesday of the month has passed and that means Microsoft has released security updates for all supported client and server editions of Windows. Patch Day (Patch Tuesday) October 2022 also brings updates to other Microsoft products, some of which are security-related.

patch tuesday,patch tuesday microsoft,iguru

Cumulative updates for Windows include security and non-security updates, such as bug fixes, but some new features.

Summary of highlights

Microsoft has increased the availability of Windows 11 Update 2022. As of yesterday it should be offered to more systems after its initial release in mid-September.
The October 2022 updates include security fixes for all client and server versions of Windows.
Security updates are also available for Azure, Active Directory Services, Microsoft Edge, Microsoft Office, NuGet Client, Remote Access Service Point-to-Point Tunneling Protocol, and other applications and services.
Windows client updates fix known fixes στα λειτουργικά: Windows 7, .1, Windows 10, Windows 11
Windows server updates fix known problems in the operating systems: Windows Server 2008, 2008 R2, 2012, 2012 R2, 2019 and Windows Server 2022.

All Updates

Operating System Distribution

  • Windows 7 (extended support only): 43 : 8 critical and 35 important
    • Windows CryptoAPI Spoofing Vulnerability — CVE-2022-34689
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-22035
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-30198
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-33634
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-24504
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41081
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-38000
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-38047
  • Windows 8.1: 49 vulnerabilities: 8 critical and 41 important
    • same critical vulnerabilities as Windows 7
  • Windows 10 21H1 and 21H2 : 64 vulnerabilities, 9 critical and 5g important
    • same as Windows 7, plus the following:
    • Windows Hyper-V Elevation of Privilege Vulnerability — CVE-2022-37979
  • Windows 11 and Windows 11 version 22H2: 64 vulnerabilities, 9 critical and 55 important
    • same as Windows 10.

Windows Server products

  • Windows Server 2008 R2 (extended support only): 44 vulnerabilities: 9 critical and 35 important
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-24504
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-33634
    • Windows CryptoAPI Spoofing Vulnerability — CVE-2022-34689
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-30198
    • Active Directory Certificate Services Elevation of Privilege Vulnerability — CVE-2022-37976
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-22035
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41081
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-38000
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-38047
  • Windows Server 2012 R2: 50 vulnerabilities: 9 critical and 41 important
    • same critical vulnerabilities as Windows Server 2008 R2.
  • WinWindows Server 2016: 54 vulnerabilities: 10 critical and 44 important
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-30198
    • Active Directory Certificate Services Elevation of Privilege Vulnerability — CVE-2022-37976
    • Windows CryptoAPI Spoofing Vulnerability — CVE-2022-34689
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-22035
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-33634
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-24504
    • Windows Hyper-V Elevation of Privilege Vulnerability — CVE-2022-37979
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-41081
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-38000
    • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability — CVE-2022-38047
  • Windows Server 2019: 61 vulnerabilities: 10 critical and 51 important
    • same as Windows server 2016.
  • Windows Server 2022:  66 vulnerabilities: 10 critical and 56 important
    • same as Windows server 2016.

Windows Security Updates

Windows 7 SP1 and Windows Server 2008 R2

Updates and improvements:

  • Fixed an issue that could lead to UDP packet drops from Linux Virtual Machines.
  • Chile daylight saving times updated to start on September 11 instead of September 4.

Windows 8.1 and Windows Server 2012 R2

Updates and improvements:

  • Same as Windows 7

Windows 10 version 20H2, 21H1 and 21H2

Updates and improvements:

  • Includes security updates and improvements of the preview update, released on September 20, 2022.

Windows 11 Release version 

Updates and improvements:

Includes security updates and improvements of the preview update, released on September 20, 2022.

Windows 11 version 22H2  

Updates and improvements:

Includes security updates and improvements of the preview update, released on September 30, 2022.

Other security updates

2022-10 Cumulative Security Update for (KB5018413)

2022-10 Cumulative Update for (KB5018425) for Windows 10 Version 1507

Server updates

2022-10 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5018411)

2022-10 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5018419)

2022-10 Security Only Quality Update for Windows Server 2008 (KB5018446)

2022-10 Security Monthly Quality Rollup for Windows Server 2008 (KB5018450)

2022-10 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5018457)

2022-10 Security Monthly Quality Rollup for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB5018474)

2022-10 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5018478)

.NET Framework

2022-10 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5017271)

2022-10 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5018541)

Servicing Stack Updates

2022-10 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB5018922)

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

Microsoft Patch TuesdayPatch Tuesday

patch tuesday,patch tuesday microsoft,iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).