Download May 2022 Patch Tuesday Updates For Windows 11/10 Fixing 75 Vulnerabilities

Patch Tuesday Windows 11Patch Tuesday Windows 11

Microsoft has released May 2022 Patch Tuesday for all its products, including Windows 11 and Windows 11. The latest updates for Windows fix 75 bugs, including three zero-day exploits, two publicly exposed and one actively exploited.

Due to the nature of actively exploited zero-day exploits, it’s highly recommended that users download and install these Patch Tuesday updates immediately.

Before we share the download links, let’s discuss some details about the fixed vulnerabilities.

Fixed vulnerabilities

The following table lists down fixed vulnerabilities in each category:

CategoryNo. of vulnerabilities fixed
Elevation of Privilege21
Spoofing1
Edge0
Denial of Service6
Remote Code Execution26
Security Feature Bypass4
Information Disclosure17
Total75

Zero-day vulnerabilities

Zero-day vulnerability means that the vulnerability has been discovered and became public, with no official fix at the moment.

There are three zero-day vulnerabilities fixed in this May 2022 Patch Tuesday:

  • CVE-2022-22713 Hyper-V Denial of Service attack

    Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. This is publicly exposed vulnerability, but is less likely to be exploited immediately.

  • CVE-2022-26925 PetitPotam NTLM relay attack

    PetitPotam is an NTLM Relay attack used against Windows Domain Controllers or other Windows servers. This vulnerability will allow the attackers authenticate to the domain controller.

    On NTLM-enabled networks, domain administrators must ensure that services that permit NTLM authentication use protections such as Extended Protection for Authentication (EPA) or signing features such as SMB signing in order to prevent NTLM Relay Attacks.

  • CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver

    There is an argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver

Since these vulnerabilities have already been exposed, hackers will scan the web for vulnerable systems and may target unpatched systems at large scale. It is recommended all systems be patched with the latest Windows updates as soon as possible.

List of fixed vulnerabilities

Here is a list of all the fixed vulnerabilities for May 2022 Patch Tuesday:

SoftwareCVEDescriptionSeverity
.NET and Visual StudioCVE-2022-29117.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2022-23267.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET and Visual StudioCVE-2022-29145.NET and Visual Studio Denial of Service VulnerabilityImportant
.NET FrameworkCVE-2022-30130.NET Framework Denial of Service VulnerabilityLow
Azure SHIRADV220001Upcoming improvements to Azure Data Factory and Azure Synapse Pipeline infrastructure in response to CVE-2022-29972Critical
Microsoft Exchange ServerCVE-2022-21978Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-26934Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-22011Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-29112Windows Graphics Component Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2022-26927Windows Graphics Component Remote Code Execution VulnerabilityImportant
Microsoft Local Security Authority Server (lsasrv)CVE-2022-26925Windows LSA Spoofing VulnerabilityImportant
Microsoft OfficeCVE-2022-29107Microsoft Office Security Feature Bypass VulnerabilityImportant
Microsoft Office ExcelCVE-2022-29109Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2022-29110Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office SharePointCVE-2022-29108Microsoft SharePoint Server Remote Code Execution VulnerabilityImportant
Microsoft Windows ALPCCVE-2022-23279Windows ALPC Elevation of Privilege VulnerabilityImportant
Remote Desktop ClientCVE-2022-26940Remote Desktop Protocol Client Information Disclosure VulnerabilityImportant
Remote Desktop ClientCVE-2022-22017Remote Desktop Client Remote Code Execution VulnerabilityCritical
Role: Windows Fax ServiceCVE-2022-29115Windows Fax Service Remote Code Execution VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-22713Windows Hyper-V Denial of Service VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-24466Windows Hyper-V Security Feature Bypass VulnerabilityImportant
Role: Windows Hyper-VCVE-2022-29106Windows Hyper-V Shared Virtual Disk Elevation of Privilege VulnerabilityImportant
Self-hosted Integration RuntimeCVE-2022-29972Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC DriverCritical
Tablet Windows User InterfaceCVE-2022-29126Tablet Windows User Interface Application Core Elevation of Privilege VulnerabilityImportant
Visual StudioCVE-2022-29148Visual Studio Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2022-30129Visual Studio Code Remote Code Execution VulnerabilityImportant
Windows Active DirectoryCVE-2022-26923Active Directory Domain Services Elevation of Privilege VulnerabilityCritical
Windows Address BookCVE-2022-26926Windows Address Book Remote Code Execution VulnerabilityImportant
Windows Authentication MethodsCVE-2022-26913Windows Authentication Security Feature Bypass VulnerabilityImportant
Windows BitLockerCVE-2022-29127BitLocker Security Feature Bypass VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29122Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29135Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29138Windows Clustered Shared Volume Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29134Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29120Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29151Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29123Windows Clustered Shared Volume Information Disclosure VulnerabilityImportant
Windows Cluster Shared Volume (CSV)CVE-2022-29150Windows Cluster Shared Volume (CSV) Elevation of Privilege VulnerabilityImportant
Windows Failover Cluster Automation ServerCVE-2022-29102Windows Failover Cluster Information Disclosure VulnerabilityImportant
Windows KerberosCVE-2022-26931Windows Kerberos Elevation of Privilege VulnerabilityCritical
Windows KernelCVE-2022-29142Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2022-29116Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2022-29133Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29141Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22014Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29137Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29139Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22013Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-22012Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29128Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29129Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29130Windows LDAP Remote Code Execution VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2022-29131Windows LDAP Remote Code Execution VulnerabilityImportant
Windows MediaCVE-2022-29105Microsoft Windows Media Foundation Remote Code Execution VulnerabilityImportant
Windows MediaCVE-2022-29113Windows Digital Media Receiver Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2022-22016Windows PlayToManager Elevation of Privilege VulnerabilityImportant
Windows Network File SystemCVE-2022-26937Windows Network File System Remote Code Execution VulnerabilityCritical
Windows NTFSCVE-2022-26933Windows NTFS Information Disclosure VulnerabilityImportant
Windows Point-to-Point Tunneling ProtocolCVE-2022-23270Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Point-to-Point Tunneling ProtocolCVE-2022-21972Point-to-Point Tunneling Protocol Remote Code Execution VulnerabilityCritical
Windows Print Spooler ComponentsCVE-2022-29104Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29132Windows Print Spooler Elevation of Privilege VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29140Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Print Spooler ComponentsCVE-2022-29114Windows Print Spooler Information Disclosure VulnerabilityImportant
Windows Push NotificationsCVE-2022-29125Windows Push Notifications Apps Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2022-29103Windows Remote Access Connection Manager Elevation of Privilege VulnerabilityImportant
Windows Remote Access Connection ManagerCVE-2022-26930Windows Remote Access Connection Manager Information Disclosure VulnerabilityImportant
Windows Remote DesktopCVE-2022-22015Windows Remote Desktop Protocol (RDP) Information Disclosure VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2022-22019Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Server ServiceCVE-2022-26936Windows Server Service Information Disclosure VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26932Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26939Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows Storage Spaces ControllerCVE-2022-26938Storage Spaces Direct Elevation of Privilege VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2022-29121Windows WLAN AutoConfig Service Denial of Service VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2022-26935Windows WLAN AutoConfig Service Information Disclosure VulnerabilityImportant

You can check out the complete list of vulnerabilities here.

Download KB5013943 for Windows 11 Version 22H1 (OS Build 22000.675)

For the latest version of Windows 11, you can download KB5013943 and keep your system safe from all the vulnerabilities discussed above.

Apart from the bugfixes, there are a few improvements, highlights and known issues in KB5013943 for Windows 11.

  1. Highlights

    • Addresses security issues for your Windows operating system.
  2. Improvements

    • Addresses a known issue that might cause issues for some .NET Framework 3.5 apps or prevent those apps from opening. The affected apps use certain optional components in .NET Framework 3.5, such as Windows Communication Foundation (WCF) and Windows Workflow (WWF) components.
    • Addresses a known issue that might cause your screen to flicker if you start your device in Safe Mode. Components that rely on explorer.exe, such as File Explorer, the Start menu, and the taskbar, might be affected and appear unstable.
  3. Known Issues

    • After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might not start.

For more information, please visit Microsoft KB help page.

Download Links

2022-05 Cumulative Update for Windows 11 for x64-based Systems (KB5013943) [263.1 MB]

2022-05 Cumulative Update for Windows 11 for ARM64-based Systems (KB5013943) [335.6 MB]

All KB5013943 Updates from Microsoft Catalog

Download KB5013942 for Windows 10 20H2, 21H1 and 21H2 (OS Builds 19042.1706, 19043.1706, and 19044.1706)

With this update, Windows 10 20H2 and 1909 have reached the end of service. Users running these versions should upgrade to the latest Windows 10 21H2. Otherwise, users running Home and Pro editions of these Operating Systems will no longer get updates from Windows Update.

Apart from the bugfixes, the following changes have been made in KB5013942 for Windows 10.

Improvements and highlights

  • This update contains various security improvements to internal OS functionality. No additional issues were documented for this release.

Windows 10 includes the same known issues as Windows 11.

Download Links

2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942) [666.5 MB]

2022-05 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5013942) [314.2 MB]

2022-05 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5013942) [666.5 MB]

2022-05 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5013942) [314.2 MB]

2022-05 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5013942) [650.4 MB]

2022-05 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5013942) [306.9 MB]

All KB5013942 for Windows 10 download links

At the end, we would highly recommend that you install these updates as soon as possible. If you have an Internet connected or Domain connected system, it can potentially be a target of hackers.

Secondly, if you are running Windows 10 20H2 or Windows 10 Version 1909, you should upgrade to the latest version as these versions will not get further updates from Microsoft.

Windows 11 Patch Tuesday History

KB ArticleOS VersionBuildRelease DateSignificant ChangesAnnouncement
KB503476523H2, 22H2226X1.315513-2-24Fixed Narrator, search in Start menu, and more. Moved Copilot icon in taskbar to the rightMicrosoft announcement of KB5034765
KB503412323H2, 22H2226X1.30079-Jan-23Improved weather widget on lock screen, fixed Wi-Fi connectivity issue for education and corporate usersMicrosoft announcement of KB5034123
KB503337523H2, 22H2226X1.286112-Dec-23Copilot improvements, Windows Spotlight to be the default backgroundMicrosoft announcement of KB5033375
KB503219023H2, 22H2226X1.2715 14-Nov-23Enable Moment 4 features, addresses zero-day vulnerabilities, introduces issues with Copilot and COLRv1.Microsoft announcement of KB5032190
KB503135422H222621.242810-Oct-23Introduces Copilot and Dev Drives, new voice access commands, improvements to Settings app and File ExplorerMicrosoft announcement of KB5031354
KB503021922H222621.228312-Sep-23Improved Search app, search flyout box on hover, easily tab through search resultsMicrosoft announcement of KB5030219
KB502926322H222621.21348-Aug-23Addresses VPN issues, more accurate brightness levels, notifications more reliableMicrosoft Announcement of KB5029263
KB502925321H222000.22958-Aug-23Addresses VPN issues, reliable notificationsMicrosoft Announcement of KB5029253
KB502818522H222621.199211-Jul-23Share local files with Outlook contacts, 78 vulnerabilities addressesMicrosoft Announcement of KB5028185
KB502818221H222000.217611-Jul-23Announcement of some Windows 11 22H2 editions EOL, share local files with Outlook contacts Microsoft Announcement of KB5028182
KB502723122H222621.184813-Jun-23Fixes a known issue with 32-bit apps, addresses a Windows kernel information disclosure vulnerabilityMicrosoft Announcement of KB5027231
KB502722321H222000.205713-Jun-23Fixes a known issue with 32-bit apps, addresses a Windows kernel information disclosure vulnerabilityMicrosoft Announcement of KB5027223
KB502637222H222621.17029-May-23Option to get the latest non-security updates immediately, new animations in the Widgets iconsMicrosoft Announcement of KB5026372
KB502636821H222000.19369-May-23Addresses issues with LSASS and other fixesMicrosoft Announcement of KB5026368
KB502523922H222621.155511-Apr-23Microsoft account notifications in the Start menu, the search box will be lighter in a custom color theme, and a plethora of fixesMicrosoft Announcement of KB5025239
KB502522421H222000.181711-Apr-23Fixes known issues with kiosk devicesMicrosoft Announcement of KB5025224
KB502370622H222621.141314-Mar-23AI Bing search box, iOS linking, tabbed notepad, screen recording from Snipping Tool, redesigned Quick AssistMicrosoft Announcement of KB5023706
KB502369821H222000.169614-Mar-23Phase three of DCOM hardening, other fixesMicrosoft Announcement of KB5023698
KB502284522H222621.126514-Feb-23.NET Framework updates integrated into UUP-based feature updatesMicrosoft Announcement of KB5022845
KB502283621H222000.157414-Feb-23– Combines Windows Spotlight with Themes on the Personalization page
– Multiple changes to the Accounts Settings page
Microsoft Announcement of KB5022836
KB502230322H222621.110510-Jan-23– ODBC Connectivity with SQL Server fixed.
– Local Session Manager security issues fixed
Microsoft Announcement of KB5022303
KB502228721H222000.145510-Jan-23– ODBC Connectivity with SQL Server fixed.
– Local Session Manager security issues fixed
Microsoft Announcement of KB5022287
KB502125522H222621.96313-Dec-22-UI discrepancies in Task Manager are fixed
-DPAPI decryption issue is fixed
Microsoft Announcement of KB5021255
KB5021234 21H222000.133513-Dec-22-UI discrepancies in Task Manager are fixed
-DPAPI decryption issue is fixed
Microsoft Announcement of KB5021234
KB501998022H222621.8198-Nov-22Task Manager option added to taskbar’s context menuMicrosoft Announcement of KB5019980
KB501996121H222000.12198-Nov-22Task Manager option added to taskbar’s context menuMicrosoft Announcement of KB5019961
Changelog for Windows 11 Patch Tuesday updates
If you liked this post, Share it on:

Get Updates in Your Inbox

Sign up for the regular updates and be the first to know about the latest tech information

Usman Khurshid
Usman Khurshid is a seasoned IT Pro with over 15 years of experience in the IT industry. He has experience in everything from IT support, helpdesk, sysadmin, network admin, and cloud computing. He is also certified in Microsoft Technologies (MCTS and MCSA) and also Cisco Certified Professional in Routing and Switching.

Leave the first comment