May 2022 Monthly Patch Release

Published on 11 May 2022

Updated on 11 May 2022

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2022-May

CRITICAL VULNERABILITIES
CVE NumberCVE NameBase ScoreReference
CVE-2022-26937Windows Network File System Remote Code Execution Vulnerability9.8https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26937
CVE-2022-22017Remote Desktop Client Remote Code Execution Vulnerability8.8https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22017
CVE-2022-26923Active Directory Domain Services Elevation of Privilege Vulnerability8.8https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26923
CVE-2022-23270Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability8.1https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23270
CVE-2022-21972Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability8.1https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21972
CVE-2022-26931Windows Kerberos Elevation of Privilege Vulnerability7.5https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26931
CVE-2022-29972Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC DriverTBDhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29972