[German]Microsoft also patched Windows Defender Credential Guard on patchday, August 9, 2022, with the security updates. Both an elevation of privilege vulnerability and a security feature bypass vulnerability were closed. However, Microsoft had not provided any documentation on this.
This has now been corrected in a Microsoft Security Update revision notice. Here are the relevant information about that vulnerabilities.
******************************************
Title: Microsoft Security Update Revisions
Issued: August 15, 2022
*****************************************
Summary
=======
The following CVEs have undergone a revision increment.
=========================================
* CVE-2022-34711
* CVE-2022-35822
– CVE-2022-34711 | Windows Defender Credential Guard Elevation of Privilege
Vulnerability
– Version: 1.0
– Reason for Revision: Information published. This CVE was addressed by updates that
were released in August 2022, but the CVE was inadvertently omitted from the
August 2022 Security Updates. This is an informational change only. Customers
who have already installed the August 2022 update do not need to take any further
action.
– Originally posted: August 15, 2022
– Updated: N/A
– Aggregate CVE Severity Rating: Important
– CVE-2022-35822 | Windows Defender Credential Guard Security Feature Bypass
Vulnerability
– Version: 1.0
– Reason for Revision: Information published. This CVE was addressed by updates that
were released in August 2022, but the CVE was inadvertently omitted from the
August 2022 Security Updates. This is an informational change only. Customers
who have already installed the August 2022 update do not need to take any further
action.
– Originally posted: August 15, 2022
– Updated: N/A
– Aggregate CVE Severity Rating: Important
The patches are included in Windows 10/11 and its server counterparts as of August 9, 2022.
