Microsoft Security Update Summary (February 8, 2022)

Update[German]On February 8, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. Below is a compact overview of these updates that were released on Patchday.


Advertising

A list of the updates can be found on this Microsoft page. Details about the update packages for Windows, Office, etc. are available in separate blog posts.

Notes on the updates

Windows 10 version 2004 through 21H2 share a common core and have an identical set of system files. Therefore, the same security update will be delivered for these Windows 10 versions. Information on enabling the features of Windows 10, which is done through an Enablement Package update, can be found in this Techcommunity post.

All Windows 10 updates are cumulative. The monthly Patchday update includes all security fixes for Windows 10 and all non-security fixes up to Patchday. In addition to vulnerability security patches, the updates include security enhancement measures. Microsoft is integrating the Servicing Stack Updates (SSUs) into the Latest Cumulative Updates (LCUs) for newer versions of Windows 10. A list of the latest SSUs can be found at ADV990001 (although the list is not always up-to-date).

Windows 7 SP1 is no longer supported as of January 2020. Only customers with a 2nd year ESU license (or workarounds) will still receive updates for the last time in January 2022. For upcoming patches an ESU license for the 3rd year is required. The current ESU bypass allows the update to be installed. Updates can also be downloaded from the Microsoft Update Catalog. The updates for Windows RT 8.1 and Microsoft Office RT are only available via Windows Update.

Vulnerabilities fixed

The February 2022 security updates fix 48 vulnerabilities, including 1 0-day, in Microsoft products. A list of all covered CVEs can be found on this Microsoft page as well on this Microsoft page. The colleagues at Bleeping Computer have published an overview of the fixed vulnerabilities here. Tenable also has this blog post with an overview.


Advertising

  • CVE-2022-21989: An EoP vulnerability in the Windows kernel (Windows Kernel Elevation of Privilege) and the only zero-day vulnerability fixed this month.
  • CVE-2022-22005: Microsoft SharePoint Server remote code execution vulnerability, with the CVSSv3 score of 8.8.
  • CVE-2022-21999, CVE-2022-22718, CVE-2022-22717 and CVE-2022-21997 are Windows Print Spooler Elevation of Privilege vulnerabilities.
  • CVE-2022-21996:  Is a Win32k Elevation of Privilege vulnerability with a CVSSv3 score of 7.8.
  • CVE-2022-22715: A Named Pipe File System Elevation of Privilege vulnerability.

Here is a list of updated products/features.

  • Azure Data Explorer
  • Kestrel Web Server
  • Microsoft Dynamics
  • Microsoft Dynamics GP
  • Microsoft Edge (Chromium-based)
  • Microsoft Office
  • Microsoft Office Excel
  • Microsoft Office Outlook
  • Microsoft Office SharePoint
  • Microsoft Office Visio
  • Microsoft OneDrive
  • Microsoft Teams
  • Microsoft Windows Codecs Library
  • Power BI
  • Roaming Security Rights Management Services
  • Role: DNS Server
  • Role: Windows Hyper-V
  • SQL Server
  • Visual Studio Code
  • Windows Common Log File System Driver
  • Windows DWM Core Library
  • Windows Kernel
  • Windows Kernel-Mode Drivers
  • Windows Named Pipe File System
  • Windows Print Spooler Components
  • Windows Remote Access Connection Manager
  • Windows Remote Procedure Call Runtime
  • Windows User Account Profile
  • Windows Win32K

Critical Security Updates

Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Azure Edition Core Hotpatch
Windows Server, version 20H2 (Server Core Installation)
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Office Online Server
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Outlook 2016 for Mac
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Server Subscription Edition
Microsoft Teams Admin Center
Microsoft Teams for Android
Microsoft Teams for iOS
OneDrive for Android
Microsoft Visual Studio 2015 Update 3
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 – 15.8)
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10)
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 – 16.8)
Microsoft Visual Studio 2022 version 17.0
Visual Studio 2019 for Mac version 8.10
Visual Studio Code
.NET 5.0
.NET 6.0
Microsoft Dynamics 365 (on-premises) version 8.2
Microsoft Dynamics 365 (on-premises) version 9.0
Microsoft Dynamics GP
PowerBI-client JS SDK
SQL Server 2019 for Linux Containers
HEVC Video Extension
HEVC Video Extensions
VP9 Video Extensions
Azure Data Explorer

Important Security Updates

Similar articles:
Microsoft Office Updates (February 1, 2022) fixes Access issues
Microsoft Security Update Summary (February 8, 2022)
Patchday: Windows 10 Updates (February 8, 2022)
Patchday: Windows 11/Server 2022 Updates (February 8, 2022)


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Office, Security, Update, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.