clearbluejar/MSRC September 2022 CVE Charts.md

## MSRC September 2022 CVE Charts.md

      
    Raw
  

              MSRC September 2022 CVE Charts.md
            
          
    MSRC September 2022 CVE Charts


      pie showData
    title Windows Tags Distribution
    "Windows OLE" : 6
    "Microsoft Graphics Component" : 5
    "Windows ODBC Driver" : 5
    "Microsoft Office SharePoint" : 4
    "Windows Kernel" : 3
    "Windows IKE Extension" : 3
    "Windows Transport Security Layer (TLS)" : 2
    "Windows Common Log File System Driver" : 2
    "Microsoft Windows Codecs Library" : 2
    "Windows Kerberos" : 2
    "Microsoft Dynamics" : 2
    "Microsoft Office Visio" : 2
    "Windows Enterprise App Management" : 1
    "Windows TCP/IP" : 1
    "HTTP.sys" : 1
    "Windows Remote Procedure Call" : 1
    "Windows DPAPI (Data Protection Application Programming Interface)" : 1
    "Windows Defender" : 1
    "Windows Event Tracing" : 1
    ".NET Framework" : 1
    "Microsoft Windows ALPC" : 1

    
      Loading

  
Tag
CVEs
Count


Windows OLE
CVE-2022-34731
CVE-2022-35836
CVE-2022-35834
CVE-2022-34733
CVE-2022-35840
CVE-2022-35835
6


Microsoft Graphics Component
CVE-2022-34729
CVE-2022-38006
CVE-2022-37954
CVE-2022-34728
CVE-2022-35837
5


Windows ODBC Driver
CVE-2022-34734
CVE-2022-34732
CVE-2022-34730
CVE-2022-34726
CVE-2022-34727
5


Microsoft Office SharePoint
CVE-2022-35823
CVE-2022-38009
CVE-2022-37961
CVE-2022-38008
4


Windows Kernel
CVE-2022-37964
CVE-2022-37956
CVE-2022-37957
3


Windows IKE Extension
CVE-2022-34721
CVE-2022-34720
CVE-2022-34722
3


Windows Transport Security Layer (TLS)
CVE-2022-30196
CVE-2022-35833
2


Windows Common Log File System Driver
CVE-2022-37969
CVE-2022-35803
2


Microsoft Windows Codecs Library
CVE-2022-38019
CVE-2022-38011
2


Windows Kerberos
CVE-2022-33647
CVE-2022-33679
2


Microsoft Dynamics
CVE-2022-35805
CVE-2022-34700
2


Microsoft Office Visio
CVE-2022-37963
CVE-2022-38010
2


Windows Enterprise App Management
CVE-2022-35841
1


Windows TCP/IP
CVE-2022-34718
1


HTTP.sys
CVE-2022-35838
1


Windows Remote Procedure Call
CVE-2022-35830
1


Windows DPAPI (Data Protection Application Programming Interface)
CVE-2022-34723
1


Windows Defender
CVE-2022-35828
1


Windows Event Tracing
CVE-2022-35832
1


.NET Framework
CVE-2022-26929
1


Microsoft Windows ALPC
CVE-2022-34725
1


      pie showData
    title Windows Impact Distribution
    "Remote Code Execution" : 31
    "Elevation of Privilege" : 18
    "Denial of Service" : 7
    "Information Disclosure" : 7
    "Security Feature Bypass" : 1

    
      Loading

  
Impact
CVEs
Count


Remote Code Execution
CVE-2022-34734
CVE-2022-35834
CVE-2022-35823
CVE-2022-38019
CVE-2022-35841
CVE-2022-34718
CVE-2022-34732
CVE-2022-35805
CVE-2022-35830
CVE-2022-34731
CVE-2022-34721
CVE-2022-38012
CVE-2022-34733
CVE-2022-37962
CVE-2022-35840
CVE-2022-35836
CVE-2022-37963
CVE-2022-35835
CVE-2022-38011
CVE-2022-38009
CVE-2022-38010
CVE-2022-34722
CVE-2022-38004
CVE-2022-37961
CVE-2022-38008
CVE-2022-30200
CVE-2022-26929
CVE-2022-34730
CVE-2022-34726
CVE-2022-34700
CVE-2022-34727
31


Elevation of Privilege
CVE-2022-34725
CVE-2022-38020
CVE-2022-30170
CVE-2022-35803
CVE-2022-37955
CVE-2022-34729
CVE-2022-26928
CVE-2022-38005
CVE-2022-37957
CVE-2022-38007
CVE-2022-37964
CVE-2022-33679
CVE-2022-33647
CVE-2022-37969
CVE-2022-37954
CVE-2022-34719
CVE-2022-35828
CVE-2022-37956
18


Denial of Service
CVE-2022-35838
CVE-2022-34720
CVE-2022-30196
CVE-2022-35832
CVE-2022-38013
CVE-2022-35833
CVE-2022-34724
7


Information Disclosure
CVE-2022-37958
CVE-2022-34723
CVE-2022-34728
CVE-2022-35837
CVE-2022-38006
CVE-2022-23960
CVE-2022-35831
7


Security Feature Bypass
CVE-2022-37959
1


## MSRC September 2022 CVE Table.md

      
    Raw
  

              MSRC September 2022 CVE Table.md
            
          
    MSRC September 2022 CVE Table


CVE
Description
Release Date
KBs
Acknowledgments
References
CNA


CVE-2022-34729
Windows GDI Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
luckyu with NSFOCUS TIANYUAN LAB
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34729
secure@microsoft.com


CVE-2022-35823
Microsoft SharePoint Remote Code Execution Vulnerability.
2022-09-13

Eduardo Braun working with Trend Micro Zero Day Initiative
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35823
secure@microsoft.com


CVE-2022-35841
Windows Enterprise App Management Service Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
Ceri Coburn with Pen Test Partners
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35841
secure@microsoft.com


CVE-2022-37964
Windows Kernel Elevation of Privilege Vulnerability.
2022-09-13
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
RyeLv (@b2ahex)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37964
secure@microsoft.com


CVE-2022-34718
Windows TCP/IP Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Quan Luo
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34718
secure@microsoft.com


CVE-2022-35838
HTTP V3 Denial of Service Vulnerability.
2022-09-13
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
Jan Reilink
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35838
secure@microsoft.com


CVE-2022-35830
Remote Procedure Call Runtime Remote Code Execution Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Andrew Flannery with Microsoft Offensive Research & Security Engineering
Yuki Chen with Cyber KunLun
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35830
secure@microsoft.com


CVE-2022-34731
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34731
secure@microsoft.com


CVE-2022-30196
Windows Secure Channel Denial of Service Vulnerability.
2022-09-13
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
Polar Bear
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30196
secure@microsoft.com


CVE-2022-34723
Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability.
2022-09-13
10.0.22000.978 - KB5017328

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34723
secure@microsoft.com


CVE-2022-35836
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35836
secure@microsoft.com


CVE-2022-37969
Windows Common Log File System Driver Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Quan Jin with DBAPPSecurity
Zscaler ThreatLabz with Zscaler
Genwei Jiang with Mandiant, FLARE OTF
CrowdStrike
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37969
secure@microsoft.com


CVE-2022-35828
Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability.
2022-09-13

Mickey Jin with Trend Micro
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35828
secure@microsoft.com


CVE-2022-37956
Windows Kernel Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Mateusz Jurczyk of Google Project Zero
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37956
secure@microsoft.com


CVE-2022-35832
Windows Event Tracing Denial of Service Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35832
secure@microsoft.com


CVE-2022-26929
.NET Framework Remote Code Execution Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
3.5.04556.03 - KB5017501
3.5.09082.05 - KB5017498
3.5.09082.05 - KB5017501
4.8.04556.03 - KB5017497
4.8.04556.03 - KB5017499
4.8.04556.03 - KB5017500
4.8.1.09082.07 - KB5017497
4.8.1.09082.07 - KB5017497
4.8.1.09082.07 - KB5017499
4.8.1.09082.07 - KB5017499
4.8.1.09082.07 - KB5017500
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Eran Zimmerman Gonen with Accenture Security Israel
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26929
secure@microsoft.com


CVE-2022-34725
Windows ALPC Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Jarvis_1oop of vulnerability research institute
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34725
secure@microsoft.com


CVE-2022-35834
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35834
secure@microsoft.com


CVE-2022-38019
AV1 Video Extension Remote Code Execution Vulnerability.
2022-09-13

bugwhale
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38019
secure@microsoft.com


CVE-2022-33647
Windows Kerberos Elevation of Privilege Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
James Forshaw of Google Project Zero
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33647
secure@microsoft.com


CVE-2022-38005
Windows Print Spooler Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Bulat Zagartdinov with Group-IB
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38005
secure@microsoft.com


CVE-2022-38006
Windows Graphics Component Information Disclosure Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Gábor Selján
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38006
secure@microsoft.com


CVE-2022-35805
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability.
2022-09-13

Fabian Schmidt
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35805
secure@microsoft.com


CVE-2022-35803
Windows Common Log File System Driver Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
xi4oyu and Quan Jin with DBAPPSecurity WeBin Lab
Mahendra Mishra of Microsoft's Windows Servicing and Delivery Group
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35803
secure@microsoft.com


CVE-2022-38007
Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability.
2022-09-13

Vladimir Abramzon with Microsoft Offensive Research Security Engineering
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38007
secure@microsoft.com


CVE-2022-34721
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Yuki Chen with Cyber KunLun
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34721
secure@microsoft.com


CVE-2022-37954
DirectX Graphics Kernel Elevation of Privilege Vulnerability.
2022-09-13
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
Anonymous working with Trend Micro Zero Day Initiative
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37954
secure@microsoft.com


CVE-2022-37962
Microsoft PowerPoint Remote Code Execution Vulnerability.
2022-09-13

Anonymous working with Trend Micro Zero Day Initiative
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37962
secure@microsoft.com


CVE-2022-38020
Visual Studio Code Elevation of Privilege Vulnerability.
2022-09-13

ycdxsb with VARAS@IIE
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38020
secure@microsoft.com


CVE-2022-34728
Windows Graphics Component Information Disclosure Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Gábor Selján
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34728
secure@microsoft.com


CVE-2022-30200
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
George Hughey of MSRC Vulnerabilities & Mitigations
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30200
secure@microsoft.com


CVE-2022-35833
Windows Secure Channel Denial of Service Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Polar Bear
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35833
secure@microsoft.com


CVE-2022-35831
Windows Remote Access Connection Manager Information Disclosure Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Microsoft Offensive Research & Security Engineering (MORSE)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35831
secure@microsoft.com


CVE-2022-34720
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Yuki Chen with Cyber KunLun
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34720
secure@microsoft.com


CVE-2022-34734
Microsoft ODBC Driver Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34734
secure@microsoft.com


CVE-2022-38013
.NET Core and Visual Studio Denial of Service Vulnerability.
2022-09-13

Graham Esau with Vonage
Graham Esau with Vonage
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38013
secure@microsoft.com


CVE-2022-34732
Microsoft ODBC Driver Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34732
secure@microsoft.com


CVE-2022-38012
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.
2022-09-13

yzh with KunLun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38012
secure@microsoft.com


CVE-2022-34733
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34733
secure@microsoft.com


CVE-2022-35840
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35840
secure@microsoft.com


CVE-2022-37963
Microsoft Office Visio Remote Code Execution Vulnerability.
2022-09-13

Hossein Lotfi of Trend Micro Zero Day Initiative
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37963
secure@microsoft.com


CVE-2022-38011
Raw Image Extension Remote Code Execution Vulnerability.
2022-09-13

z0mbie
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38011
secure@microsoft.com


CVE-2022-38009
Microsoft SharePoint Server Remote Code Execution Vulnerability.
2022-09-13

Anonymous
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38009
secure@microsoft.com


CVE-2022-38010
Microsoft Office Visio Remote Code Execution Vulnerability.
2022-09-13

HAO LI of VenusTech ADLab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38010
secure@microsoft.com


CVE-2022-37961
Microsoft SharePoint Server Remote Code Execution Vulnerability.
2022-09-13

Anonymous
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37961
secure@microsoft.com


CVE-2022-38008
Microsoft SharePoint Server Remote Code Execution Vulnerability.
2022-09-13

Anonymous
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38008
secure@microsoft.com


CVE-2022-37958
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Information Disclosure Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Anonymous
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37958
secure@microsoft.com


CVE-2022-26928
Windows Photo Import API Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.22000.978 - KB5017328

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26928
secure@microsoft.com


CVE-2022-34730
Microsoft ODBC Driver Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34730
secure@microsoft.com


CVE-2022-34726
Microsoft ODBC Driver Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34726
secure@microsoft.com


CVE-2022-34727
Microsoft ODBC Driver Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34727
secure@microsoft.com


CVE-2022-37957
Windows Kernel Elevation of Privilege Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.22000.978 - KB5017328
RyeLv (@b2ahex)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37957
secure@microsoft.com


CVE-2022-34719
Windows Distributed File System (DFS) Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Angelboy with DEVCORE
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34719
secure@microsoft.com


CVE-2022-37955
Windows Group Policy Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Anonymous working with Trend Micro Zero Day Initiative
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37955
secure@microsoft.com


CVE-2022-35837
Windows Graphics Component Information Disclosure Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Gábor Selján
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35837
secure@microsoft.com


CVE-2022-35835
Microsoft OLE DB Provider for SQL Server Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Haifei Li with CyberKL Kunlun Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35835
secure@microsoft.com


CVE-2022-33679
Windows Kerberos Elevation of Privilege Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
James Forshaw of Google Project Zero
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33679
secure@microsoft.com


CVE-2022-34722
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Yuki Chen with Cyber KunLun
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34722
secure@microsoft.com


CVE-2022-38004
Windows Fax Service Remote Code Execution Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
George Hughey with MSRC Vulnerabilities and Mitigations
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38004
secure@microsoft.com


CVE-2022-30170
Windows Credential Roaming Service Elevation of Privilege Vulnerability.
2022-09-13
10.0.10240.19444 - KB5017327
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.19042.2006 - KB5017308
10.0.19043.2006 - KB5017308
10.0.19044.2006 - KB5017308
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
10.0.22000.978 - KB5017328
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Thibault Van Geluwe de Berlaere with Mandiant
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30170
secure@microsoft.com


CVE-2022-34724
Windows DNS Server Denial of Service Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
6.0.6003.21666 - KB5017358
6.0.6003.21666 - KB5017371
6.1.7601.26115 - KB5017361
6.1.7601.26115 - KB5017373
6.2.9200.23865 - KB5017370
6.2.9200.23865 - KB5017377
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34724
secure@microsoft.com


CVE-2022-37959
Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability.
2022-09-13
10.0.14393.5356 - KB5017305
10.0.17763.3406 - KB5017315
10.0.20348.1006 - KB5017316
10.0.20348.916 - KB5017392
6.3.9600.20571 - KB5017365
6.3.9600.20571 - KB5017367
Félix Martel-Denis
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37959
secure@microsoft.com


CVE-2022-34700
Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability.
2022-09-13

Fabian Schmidt
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34700
secure@microsoft.com
Tag	CVEs	Count
Windows OLE	CVE-2022-34731 CVE-2022-35836 CVE-2022-35834 CVE-2022-34733 CVE-2022-35840 CVE-2022-35835	6
Microsoft Graphics Component	CVE-2022-34729 CVE-2022-38006 CVE-2022-37954 CVE-2022-34728 CVE-2022-35837	5
Windows ODBC Driver	CVE-2022-34734 CVE-2022-34732 CVE-2022-34730 CVE-2022-34726 CVE-2022-34727	5
Microsoft Office SharePoint	CVE-2022-35823 CVE-2022-38009 CVE-2022-37961 CVE-2022-38008	4
Windows Kernel	CVE-2022-37964 CVE-2022-37956 CVE-2022-37957	3
Windows IKE Extension	CVE-2022-34721 CVE-2022-34720 CVE-2022-34722	3
Windows Transport Security Layer (TLS)	CVE-2022-30196 CVE-2022-35833	2
Windows Common Log File System Driver	CVE-2022-37969 CVE-2022-35803	2
Microsoft Windows Codecs Library	CVE-2022-38019 CVE-2022-38011	2
Windows Kerberos	CVE-2022-33647 CVE-2022-33679	2
Microsoft Dynamics	CVE-2022-35805 CVE-2022-34700	2
Microsoft Office Visio	CVE-2022-37963 CVE-2022-38010	2
Windows Enterprise App Management	CVE-2022-35841	1
Windows TCP/IP	CVE-2022-34718	1
HTTP.sys	CVE-2022-35838	1
Windows Remote Procedure Call	CVE-2022-35830	1
Windows DPAPI (Data Protection Application Programming Interface)	CVE-2022-34723	1
Windows Defender	CVE-2022-35828	1
Windows Event Tracing	CVE-2022-35832	1
.NET Framework	CVE-2022-26929	1
Microsoft Windows ALPC	CVE-2022-34725	1
Impact	CVEs	Count
Remote Code Execution	CVE-2022-34734 CVE-2022-35834 CVE-2022-35823 CVE-2022-38019 CVE-2022-35841 CVE-2022-34718 CVE-2022-34732 CVE-2022-35805 CVE-2022-35830 CVE-2022-34731 CVE-2022-34721 CVE-2022-38012 CVE-2022-34733 CVE-2022-37962 CVE-2022-35840 CVE-2022-35836 CVE-2022-37963 CVE-2022-35835 CVE-2022-38011 CVE-2022-38009 CVE-2022-38010 CVE-2022-34722 CVE-2022-38004 CVE-2022-37961 CVE-2022-38008 CVE-2022-30200 CVE-2022-26929 CVE-2022-34730 CVE-2022-34726 CVE-2022-34700 CVE-2022-34727	31
Elevation of Privilege	CVE-2022-34725 CVE-2022-38020 CVE-2022-30170 CVE-2022-35803 CVE-2022-37955 CVE-2022-34729 CVE-2022-26928 CVE-2022-38005 CVE-2022-37957 CVE-2022-38007 CVE-2022-37964 CVE-2022-33679 CVE-2022-33647 CVE-2022-37969 CVE-2022-37954 CVE-2022-34719 CVE-2022-35828 CVE-2022-37956	18
Denial of Service	CVE-2022-35838 CVE-2022-34720 CVE-2022-30196 CVE-2022-35832 CVE-2022-38013 CVE-2022-35833 CVE-2022-34724	7
Information Disclosure	CVE-2022-37958 CVE-2022-34723 CVE-2022-34728 CVE-2022-35837 CVE-2022-38006 CVE-2022-23960 CVE-2022-35831	7
Security Feature Bypass	CVE-2022-37959	1