Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Monthly Patch

December 2022 Monthly Patch

14 December 2022

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to 

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2022-Dec

Critical vulnerabilities

CVE Number

CVE Name

Base Score

Reference

CVE-2022-44693

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44693

CVE-2022-44690

Microsoft SharePoint Server Remote Code Execution Vulnerability

8.8

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44690

CVE-2022-41076

PowerShell Remote Code Execution Vulnerability

8.5

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41076

CVE-2022-41127

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

8.5

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41127

CVE-2022-44676

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

8.1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44676

CVE-2022-44670

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

8.1

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44670


Back to top