close

Windows

Cloud

Microsoft 365

PowerShell

Active Directory

Security

Windows Server

Video

Chance to win $250 in Petri 2023 Audience Survey

Home

Windows 10

Windows 11

Microsoft’s December 2022 Patch Tuesday Updates Fix 52 Windows Vulnerabilities

Laurent Giret

|
Windows 11

Microsoft released its monthly “Patch Tuesday” updates for Windows 11 and Windows 10 yesterday. In December, the company released a total of 52 patches to fix vulnerabilities in Windows, Office, and other components. 

There are also several notable changes on the quality and experience updates front. There are minor new features for both Windows 11 versions 22H2 and 21H2, and there are also some taskbar changes for Windows 10 users. This month also marks the end of support for Windows 11 version 21H1, and Microsoft recommends affected users upgrade to the version 22H2 released this Fall.

52 vulnerabilities fixed in the November 2022 Patch Tuesday updates

This month, Microsoft fixed a total of 52 vulnerabilities. Six of them are rated critical, and there’s also one vulnerability rated “Moderate” that is already being publicly exploited in the wild. 

Let’s take a look at some of the most notable vulnerabilities Microsoft fixed in December:

  • CVE-2022-44698: This Windows SmartScreen Security Feature Bypass vulnerability is already being exploited by attackers. It requires them to craft a malicious file to evade Mark of the Web (MOTW) defenses.
  • CVE-2022-44710: This DirectX Graphics Kernel Elevation of Privilege vulnerability has already been publicly disclosed, but Microsoft says it isn’t being exploited yet. 
  • CVE-2022-44690: This Remote Code Execution vulnerability in Microsoft SharePoint Server allows authenticated attackers with Manage List permissions to execute code remotely on a SharePoint Server.
  • CVE-2022-41076: This PowerShell Remote Code Execution vulnerability allows authenticated attackers to escape the PowerShell Remoting Session Configuration and run unapproved commands on the target system.
  • CVE-2022-44676: This Remote Code Execution vulnerability in the Windows Secure Socket Tunneling Protocol (SSTP) allows unauthenticated attackers to send a specially crafted connection request to a RAS server to run code remotely on the RAS server machine.

You can find below the full list of CVEs released by Microsoft with the December 2022 Patch Tuesday updates:

ProductImpactMax SeverityArticleDetails
Raw Image ExtensionRemote Code ExecutionImportantRelease NotesCVE-2022-44687
Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5021294CVE-2022-41094
Windows Server 2012 R2 (Server Core installation)Elevation of PrivilegeImportant5021296CVE-2022-41094
Windows Server 2012 R2Elevation of PrivilegeImportant5021294CVE-2022-41094
Windows Server 2012 R2Elevation of PrivilegeImportant5021296CVE-2022-41094
Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5021285CVE-2022-41094
Windows Server 2012 (Server Core installation)Elevation of PrivilegeImportant5021303CVE-2022-41094
Windows Server 2012Elevation of PrivilegeImportant5021285CVE-2022-41094
Windows Server 2012Elevation of PrivilegeImportant5021303CVE-2022-41094
Windows 8.1 for x64-based systemsElevation of PrivilegeImportant5021294CVE-2022-41094
Windows 8.1 for x64-based systemsElevation of PrivilegeImportant5021296CVE-2022-41094
Windows Server 2016 (Server Core installation)Elevation of PrivilegeImportant5021235CVE-2022-41094
Windows Server 2016Elevation of PrivilegeImportant5021235CVE-2022-41094
Windows 10 Version 1607 for x64-based SystemsElevation of PrivilegeImportant5021235CVE-2022-41094
Windows 10 for x64-based SystemsElevation of PrivilegeImportant5021243CVE-2022-41094
Windows 10 Version 21H2 for x64-based SystemsElevation of PrivilegeImportant5021233CVE-2022-41094
Windows 11 for x64-based SystemsElevation of PrivilegeImportant5021234CVE-2022-41094
Windows 10 Version 20H2 for x64-based SystemsElevation of PrivilegeImportant5021233CVE-2022-41094
Windows Server 2022 Datacenter: Azure EditionElevation of PrivilegeImportant5021249CVE-2022-41094
Windows Server 2022 (Server Core installation)Elevation of PrivilegeImportant5021249CVE-2022-41094
Windows Server 2022Elevation of PrivilegeImportant5021249CVE-2022-41094
Windows 10 Version 21H1 for x64-based SystemsElevation of PrivilegeImportant5021233CVE-2022-41094
Windows Server 2019 (Server Core installation)Elevation of PrivilegeImportant5021237CVE-2022-41094
Windows Server 2019Elevation of PrivilegeImportant5021237CVE-2022-41094
Windows 10 Version 1809 for x64-based SystemsElevation of PrivilegeImportant5021237CVE-2022-41094
Windows RT 8.1Remote Code ExecutionCritical5021294CVE-2022-41076
Windows 8.1 for 32-bit systemsRemote Code ExecutionCritical5021294CVE-2022-41076
Windows 8.1 for 32-bit systemsRemote Code ExecutionCritical5021296CVE-2022-41076
Windows 10 Version 1607 for 32-bit SystemsRemote Code ExecutionCritical5021235CVE-2022-41076
Windows 10 for 32-bit SystemsRemote Code ExecutionCritical5021243CVE-2022-41076
Windows 10 Version 21H2 for ARM64-based SystemsRemote Code ExecutionCritical5021233CVE-2022-41076
Windows 10 Version 21H2 for 32-bit SystemsRemote Code ExecutionCritical5021233CVE-2022-41076
Windows 11 for ARM64-based SystemsRemote Code ExecutionCritical5021234CVE-2022-41076
Windows 10 Version 20H2 for ARM64-based SystemsRemote Code ExecutionCritical5021233CVE-2022-41076
Windows 10 Version 20H2 for 32-bit SystemsRemote Code ExecutionCritical5021233CVE-2022-41076
Windows 10 Version 21H1 for 32-bit SystemsRemote Code ExecutionCritical5021233CVE-2022-41076
Windows 10 Version 21H1 for ARM64-based SystemsRemote Code ExecutionCritical5021233CVE-2022-41076
Windows 10 Version 1809 for ARM64-based SystemsRemote Code ExecutionCritical5021237CVE-2022-41076
Windows 10 Version 1809 for 32-bit SystemsRemote Code ExecutionCritical5021237CVE-2022-41076
Remote Desktop client for Windows DesktopElevation of PrivilegeImportantCVE-2022-41121

Quality and experience updates

For PCs running Windows 11 version 22H2, the KB5021255 update introduces some changes to the Settings app. There are new storage alerts for OneDrive subscribers on the Systems page, and Microsoft has also combined Windows Spotlight and Themes on the Personalization page. 

This patch also brings a new mobile device management (MDM) policy for organizational messages. This is a new feature on Windows 11 version 22H2 that allows IT pros to send identical notifications to all managed Windows 11 PCs in an organization. 

You can find more details about what’s changed for Windows 11 version 22H2 in the video below: 

For Windows 11 users still running the version 21H2 of the OS, the KB5021234 patch brings Microsoft’s Quick Assist app to all client devices. Moreover, this update provides enterprise customers with a new way to authenticate Azure Active Directory joined devices to determine if they are on a trusted network. IT admins will need to enable this feature with a mobile device management (MDM) policy. 

Lastly, the KB5021233 patch for Windows 10 versions 21H1, 21H2, and 22H2 will unpin Cortana from the taskbar, though you users revert this change in taskbar settings. Moreover, the taskbar search box will now be displayed by default on PCs where the taskbar is at the top of the screen. The same change will be applied when the small taskbar button mode has been enabled.  

Windows Update testing and best practices

Organizations looking to deploy this month’s patches should conduct thorough testing before deploying them widely on production systems. That said, applying the patches widely shouldn’t be delayed longer than necessary as hackers start to work out how to weaponize newly reported vulnerabilities.

A best practice is to make sure you have backed up systems before applying updates. Every month, users experience issues with Windows updates that lead to systems not booting, application and hardware compatibility issues, or even data loss in extreme cases.

There are backup tools built into Windows and Windows Server that you can use to restore systems in the event a patch causes a problem. The backup features in Windows can be used to restore an entire system, or files and folders on a granular basis.

If you have any problems with this month’s patches, please let us know in the comments below. Other readers might be able to share their experiences in how to roll back problematic updates or mitigate issues caused by patches that are important to have in place.

Article saved!

Access saved content from your profile page. View Saved