Check Variety Of Topics Related To The Global Digital Transformation.

On December 2022, Patch Tuesday, Microsoft published security and non-security updates for all client and server versions and editions of its Windows operating system. The company released security updates today for several Microsoft products.

Security updates are available through Windows Update, update management solutions like WSUS, and direct downloads from the Microsoft Update Catalog.

Security Updates for Microsoft Windows: December 2022

• Today marked the end of support for Windows 10 version 21H1. The operating system will not be updated in the future.
• After the December 2022 Patch Tuesday, there will be only one more Patch Day for Windows 7 and 8/8.1.
• Microsoft has approved Windows 10 version 22H2 for widespread distribution.
• Microsoft issued security advisory ADV220005 on malicious use of Microsoft-signed drivers.
• There are reported difficulties with the following Windows client versions: Windows 7, Windows 8.1, Windows 10 versions 20H2, 21H1, 21H2, and 22H2, and 11 versions 21H2 and 22H2 are all supported. There are reported concerns with the following Windows server versions: Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019, and 2022

Operating System Distribution

Windows 7 (only expanded support): 15 vulnerabilities: 3 critical and 11 important, 1 moderate

• PowerShell Remote Code Execution Vulnerability – CVE-2022-41076
• Remote Code Execution Vulnerability Windows Secure Socket Tunneling Protocol (SSTP) 

          1. CVE-2022-44670

          2. CVE-2022-44676

Windows 8.1 has 20 vulnerabilities: 3 severe, 16 crucial, and 1 moderate.

• Same as Windows 7

Windows 10 versions 21H1, 21H2, and 22H2 have 26 vulnerabilities, three of which are critical, 22 of which are essential, and one of which is moderate.

• Same as Windows 7

Windows 11 with version 22H2: 25 vulnerabilities, 3 critical, 21 necessary, and 1 moderate.

• Same as Windows 7

Products for Windows Server

Windows Server 2008 R2 (only with expanded support): 15 security flaws: 3 are critical, 11 are significant, and 1 is moderate.

• PowerShell Remote Code Execution Vulnerability – CVE-2022-41076 
• Remote Code Execution Vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) –CVE-2022-44676

          1. CVE-2022-44676

          2. CVE-2022-44670

Windows Server 2012 R2 has 20 vulnerabilities: three critical, sixteen crucial, and one moderate.

• Similar to Windows Server 2008 R2.

Windows Server 2016 has 20 vulnerabilities, three of which are critical, 15 of which are essential, and two of which are moderate.

• Similar to Windows Server 2008 R2.

Windows Server 2019 has 25 vulnerabilities, three of which are critical, 21 of which are essential, and two of which are moderate.

• Similar to Windows Server 2008 R2.

Windows Server 2022 has 25 vulnerabilities, three of which are critical, 21 of which are essential, and two of which are moderate.

• Similar to Windows Server 2008 R2.

Updates for Windows Security

Additional security updates

Cumulative Update 2022-12 for Windows 10, version 1507 (KB5021243)

Final Words

Microsoft’s security patches, released on December 13, 2022, are now accessible. Home users can get them from Windows Update or the Microsoft Update Catalog website.

Follow these procedures to manually check for updates:

• Select Start, type Windows Update, and then open the Windows Update item that appears.
• To do a manual check for updates, choose check for updates.