Download May 2022 Patch Tuesday Updates For Windows 11/10 Fixing 75 Vulnerabilities

Microsoft has released May 2022 Patch Tuesday for all its products, including Windows 11 and Windows 11. The…

Patch Tuesday Windows 11

Microsoft has released May 2022 Patch Tuesday for all its products, including Windows 11 and Windows 11. The latest updates for Windows fix 75 bugs, including three zero-day exploits, two publicly exposed and one actively exploited.

Due to the nature of actively exploited zero-day exploits, it’s highly recommended that users download and install these Patch Tuesday updates immediately.

Before we share the download links, let’s discuss some details about the fixed vulnerabilities.

Fixed vulnerabilities

The following table lists down fixed vulnerabilities in each category:

CategoryNo. of vulnerabilities fixed
Elevation of Privilege21
Spoofing1
Edge0
Denial of Service6
Remote Code Execution26
Security Feature Bypass4
Information Disclosure17
Total75

Zero-day vulnerabilities

Zero-day vulnerability means that the vulnerability has been discovered and became public, with no official fix at the moment.

There are three zero-day vulnerabilities fixed in this May 2022 Patch Tuesday:

  • CVE-2022-22713 Hyper-V Denial of Service attack

    Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. This is publicly exposed vulnerability, but is less likely to be exploited immediately.

  • CVE-2022-26925 PetitPotam NTLM relay attack

    PetitPotam is an NTLM Relay attack used against Windows Domain Controllers or other Windows servers. This vulnerability will allow the attackers authenticate to the domain controller.

    On NTLM-enabled networks, domain administrators must ensure that services that permit NTLM authentication use protections such as Extended Protection for Authentication (EPA) or signing features such as SMB signing in order to prevent NTLM Relay Attacks.

  • CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver

    There is an argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver

Since these vulnerabilities have already been exposed, hackers will scan the web for vulnerable systems and may target unpatched systems at large scale. It is recommended all systems be patched with the latest Windows updates as soon as possible.

List of fixed vulnerabilities

Here is a list of all the fixed vulnerabilities for May 2022 Patch Tuesday:

SoftwareCVEDescriptionSeverity
.NET and Visual StudioCVE-2022-29117.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2022-23267.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2022-29145.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET FrameworkCVE-2022-30130.NET Framework Denial of Service VulnerabilityLow
Azure SHIRADV220001Upcoming improvements to Azure Data Factory and Azure Synapse Pipeline infrastructure in response to CVE-2022-29972Critical
Microsoft Exchange ServerCVE-2022-21978Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-26934Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-22011Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-29112Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-26927Windows Graphics Component Remote Code Execution VulnerabilityImportant
Microsoft Local Security Authority Server (lsasrv)CVE-2022-26925Windows LSA Spoofing VulnerabilityImportant
Microsoft OfficeCVE-2022-29107Microsoft Office Security Feature Bypass VulnerabilityImportant
Microsoft Office ExcelCVE-2022-29109Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2022-29110Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2022-29108Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Windows ALPCCVE-2022-23279Windows ALPC Elevation of Privilege VulnerabilityImportant
Remote Desktop ClientCVE-2022-26940Remote Desktop Protocol Client Information Disclosure VulnerabilityImportant
Remote Desktop ClientCVE-2022-22017Remote Desktop Client Remote Code Execution VulnerabilityCritical
Role: Windows Fax ServiceCVE-2022-29115Windows Fax Service Remote Code Execution VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-22713Windows Hyper-V Denial of Service VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-24466Windows Hyper-V Security Feature Bypass VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-29106Windows Hyper-V Shared Virtual Disk Elevation of Privilege VulnerabilityImportant
Self-hosted Integration RuntimeCVE-2022-29972Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC DriverCritical
Tablet Windows User InterfaceCVE-2022-29126Tablet Windows User Interface Application Core Elevation of Privilege VulnerabilityImportant
Visual StudioCVE-2022-29148Visual Studio Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2022-30129Visual Studio Code Remote Code Execution VulnerabilityImportant
Windows Active DirectoryCVE-2022-26923Active Directory Domain Services Elevation of Privilege VulnerabilityCritical
Windows Address BookCVE-2022-26926Windows Address Book Remote Code Execution VulnerabilityImportant
Windows Authentication MethodsCVE-2022-26913Windows Authentication Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2022-29127BitLocker Security Feature Bypass VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29122Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29135Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29138Windows Clustered Shared Volume Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29134Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29120Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29151Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29123Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29150Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Failover Cluster Automation ServerCVE-2022-29102Windows Failover Cluster Information Disclosure VulnerabilityImportant
Windows KerberosCVE-2022-26931Windows Kerberos Elevation of Privilege VulnerabilityCritical
Windows KernelCVE-2022-29142Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2022-29116Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2022-29133Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29141Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22014Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29137Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29139Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22013Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22012Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29128Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29129Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29130Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29131Windows LDAP Remote Code Execution VulnerabilityImportant
Windows MediaCVE-2022-29105Microsoft Windows Media Foundation Remote Code Execution VulnerabilityImportant
Windows MediaCVE-2022-29113Windows Digital Media Receiver Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2022-22016Windows PlayToManager Elevation of Privilege VulnerabilityImportant
Windows Network File SystemCVE-2022-26937Windows Network File System Remote Code Execution VulnerabilityCritical
Windows NTFSCVE-2022-26933Windows NTFS Information Disclosure VulnerabilityImportant
Windows Point-to-Point Tunneling ProtocolCVE-2022-23270Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Point-to-Point Tunneling ProtocolCVE-2022-21972Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Print Spooler ComponentsCVE-2022-29104Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29132Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29140Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29114Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Push NotificationsCVE-2022-29125Windows Push Notifications Apps Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2022-29103Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2022-26930Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
Windows Remote DesktopCVE-2022-22015Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2022-22019Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Server ServiceCVE-2022-26936Windows Server Service Information Disclosure VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26932Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26939Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26938Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2022-29121Windows WLAN AutoConfig Service Denial of Service VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2022-26935Windows WLAN AutoConfig Service Information Disclosure VulnerabilityImportant

You can check out the complete list of vulnerabilities here.

Download KB5013943 for Windows 11 Version 22H1 (OS Build 22000.675)

For the latest version of Windows 11, you can download KB5013943 and keep your system safe from all the vulnerabilities discussed above.

Apart from the bugfixes, there are a few improvements, highlights and known issues in KB5013943 for Windows 11.

  1. Highlights

    • Addresses security issues for your Windows operating system.
  2. Improvements

    • Addresses a known issue that might cause issues for some .NET Framework 3.5 apps or prevent those apps from opening. The affected apps use certain optional components in .NET Framework 3.5, such as Windows Communication Foundation (WCF) and Windows Workflow (WWF) components.
    • Addresses a known issue that might cause your screen to flicker if you start your device in Safe Mode. Components that rely on explorer.exe, such as File Explorer, the Start menu, and the taskbar, might be affected and appear unstable.
  3. Known Issues

    • After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might not start.

For more information, please visit Microsoft KB help page.

Download Links

2022-05 Cumulative Update for Windows 11 for x64-based Systems (KB5013943) [263.1 MB]

2022-05 Cumulative Update for Windows 11 for ARM64-based Systems (KB5013943) [335.6 MB]

All KB5013943 Updates from Microsoft Catalog

Download KB5013942 for Windows 10 20H2, 21H1 and 21H2 (OS Builds 19042.1706, 19043.1706, and 19044.1706)

With this update, Windows 10 20H2 and 1909 have reached the end of service. Users running these versions should upgrade to the latest Windows 10 21H2. Otherwise, users running Home and Pro editions of these Operating Systems will no longer get updates from Windows Update.

Apart from the bugfixes, the following changes have been made in KB5013942 for Windows 10.

Improvements and highlights

  • This update contains various security improvements to internal OS functionality. No additional issues were documented for this release.

Windows 10 includes the same known issues as Windows 11.

Download Links

2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942) [666.5 MB]

2022-05 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5013942) [314.2 MB]

2022-05 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5013942) [666.5 MB]

2022-05 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5013942) [314.2 MB]

2022-05 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5013942) [650.4 MB]

2022-05 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5013942) [306.9 MB]

All KB5013942 for Windows 10 download links

At the end, we would highly recommend that you install these updates as soon as possible. If you have an Internet connected or Domain connected system, it can potentially be a target of hackers.

Secondly, if you are running Windows 10 20H2 or Windows 10 Version 1909, you should upgrade to the latest version as these versions will not get further updates from Microsoft.

Windows 11 Cumulative Updates History

KB UpdateFeatures and fixes
KB5013943– (Windows 11) 3 publicly exploits fixed
KB5012643– Fix Windows 11 startup delay
KB5011493– Clock and dates added to taskbar on multiple monitors.
– Weather flyout shifted to left of taskbar.
– Mute/Unmute Microsoft Teams from taskbar.
KB5010386– An issue with Lightweight Directory Access Protocol (LDAP) was fixed.
KB5009566– Introduction of Fluent-style emojis.
KB5008215– Few security updates.
KB5007215– A display issue regarding certain apps using GDI+ was fixed.
KB5006674– A compatibility issue between some Intel “Killer” and “SmartByte” networking software and Windows 11 was fixed.
Windows 11 Patch Tuesday history

Also see:

Subscribe to our Newsletter

Get the latest tech news, advice and downloads in your inbox

Leave a Reply

You have to agree to the comment policy.