Microsoft has released May 2022 Patch Tuesday for all its products, including Windows 11 and Windows 11. The latest updates for Windows fix 75 bugs, including three zero-day exploits, two publicly exposed and one actively exploited.
Due to the nature of actively exploited zero-day exploits, it’s highly recommended that users download and install these Patch Tuesday updates immediately.
Table of contents
Before we share the download links, let’s discuss some details about the fixed vulnerabilities.
Fixed vulnerabilities
The following table lists down fixed vulnerabilities in each category:
| Category | No. of vulnerabilities fixed |
|---|---|
| Elevation of Privilege | 21 |
| Spoofing | 1 |
| Edge | 0 |
| Denial of Service | 6 |
| Remote Code Execution | 26 |
| Security Feature Bypass | 4 |
| Information Disclosure | 17 |
| Total | 75 |
Zero-day vulnerabilities
Zero-day vulnerability means that the vulnerability has been discovered and became public, with no official fix at the moment.
There are three zero-day vulnerabilities fixed in this May 2022 Patch Tuesday:
-
CVE-2022-22713 Hyper-V Denial of Service attack
Successful exploitation of this vulnerability could allow a Hyper-V guest to affect the functionality of the Hyper-V host. This is publicly exposed vulnerability, but is less likely to be exploited immediately.
-
CVE-2022-26925 PetitPotam NTLM relay attack
PetitPotam is an NTLM Relay attack used against Windows Domain Controllers or other Windows servers. This vulnerability will allow the attackers authenticate to the domain controller.
On NTLM-enabled networks, domain administrators must ensure that services that permit NTLM authentication use protections such as Extended Protection for Authentication (EPA) or signing features such as SMB signing in order to prevent NTLM Relay Attacks.
-
CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver
There is an argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver
Since these vulnerabilities have already been exposed, hackers will scan the web for vulnerable systems and may target unpatched systems at large scale. It is recommended all systems be patched with the latest Windows updates as soon as possible.
List of fixed vulnerabilities
Here is a list of all the fixed vulnerabilities for May 2022 Patch Tuesday:
| Software | CVE | Description | Severity |
|---|---|---|---|
| .NET and Visual Studio | CVE-2022-29117 | .NET and Visual Studio Denial of Service Vulnerability | Important |
| .NET and Visual Studio | CVE-2022-23267 | .NET and Visual Studio Denial of Service Vulnerability | Important |
| .NET and Visual Studio | CVE-2022-29145 | .NET and Visual Studio Denial of Service Vulnerability | Important |
| .NET Framework | CVE-2022-30130 | .NET Framework Denial of Service Vulnerability | Low |
| Azure SHIR | ADV220001 | Upcoming improvements to Azure Data Factory and Azure Synapse Pipeline infrastructure in response to CVE-2022-29972 | Critical |
| Microsoft Exchange Server | CVE-2022-21978 | Microsoft Exchange Server Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-26934 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-22011 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-29112 | Windows Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2022-26927 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
| Microsoft Local Security Authority Server (lsasrv) | CVE-2022-26925 | Windows LSA Spoofing Vulnerability | Important |
| Microsoft Office | CVE-2022-29107 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office Excel | CVE-2022-29109 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office Excel | CVE-2022-29110 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2022-29108 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important |
| Microsoft Windows ALPC | CVE-2022-23279 | Windows ALPC Elevation of Privilege Vulnerability | Important |
| Remote Desktop Client | CVE-2022-26940 | Remote Desktop Protocol Client Information Disclosure Vulnerability | Important |
| Remote Desktop Client | CVE-2022-22017 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Role: Windows Fax Service | CVE-2022-29115 | Windows Fax Service Remote Code Execution Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-22713 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-24466 | Windows Hyper-V Security Feature Bypass Vulnerability | Important |
| Role: Windows Hyper-V | CVE-2022-29106 | Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability | Important |
| Self-hosted Integration Runtime | CVE-2022-29972 | Insight Software: CVE-2022-29972 Magnitude Simba Amazon Redshift ODBC Driver | Critical |
| Tablet Windows User Interface | CVE-2022-29126 | Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2022-29148 | Visual Studio Remote Code Execution Vulnerability | Important |
| Visual Studio Code | CVE-2022-30129 | Visual Studio Code Remote Code Execution Vulnerability | Important |
| Windows Active Directory | CVE-2022-26923 | Active Directory Domain Services Elevation of Privilege Vulnerability | Critical |
| Windows Address Book | CVE-2022-26926 | Windows Address Book Remote Code Execution Vulnerability | Important |
| Windows Authentication Methods | CVE-2022-26913 | Windows Authentication Security Feature Bypass Vulnerability | Important |
| Windows BitLocker | CVE-2022-29127 | BitLocker Security Feature Bypass Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29122 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29135 | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29138 | Windows Clustered Shared Volume Elevation of Privilege Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29134 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29120 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29151 | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29123 | Windows Clustered Shared Volume Information Disclosure Vulnerability | Important |
| Windows Cluster Shared Volume (CSV) | CVE-2022-29150 | Windows Cluster Shared Volume (CSV) Elevation of Privilege Vulnerability | Important |
| Windows Failover Cluster Automation Server | CVE-2022-29102 | Windows Failover Cluster Information Disclosure Vulnerability | Important |
| Windows Kerberos | CVE-2022-26931 | Windows Kerberos Elevation of Privilege Vulnerability | Critical |
| Windows Kernel | CVE-2022-29142 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2022-29116 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2022-29133 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29141 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-22014 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29137 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29139 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-22013 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-22012 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29128 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29129 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29130 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows LDAP – Lightweight Directory Access Protocol | CVE-2022-29131 | Windows LDAP Remote Code Execution Vulnerability | Important |
| Windows Media | CVE-2022-29105 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | Important |
| Windows Media | CVE-2022-29113 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | Important |
| Windows Media | CVE-2022-22016 | Windows PlayToManager Elevation of Privilege Vulnerability | Important |
| Windows Network File System | CVE-2022-26937 | Windows Network File System Remote Code Execution Vulnerability | Critical |
| Windows NTFS | CVE-2022-26933 | Windows NTFS Information Disclosure Vulnerability | Important |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-23270 | Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Point-to-Point Tunneling Protocol | CVE-2022-21972 | Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | Critical |
| Windows Print Spooler Components | CVE-2022-29104 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-29132 | Windows Print Spooler Elevation of Privilege Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-29140 | Windows Print Spooler Information Disclosure Vulnerability | Important |
| Windows Print Spooler Components | CVE-2022-29114 | Windows Print Spooler Information Disclosure Vulnerability | Important |
| Windows Push Notifications | CVE-2022-29125 | Windows Push Notifications Apps Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2022-29103 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | Important |
| Windows Remote Access Connection Manager | CVE-2022-26930 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
| Windows Remote Desktop | CVE-2022-22015 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | Important |
| Windows Remote Procedure Call Runtime | CVE-2022-22019 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | Important |
| Windows Server Service | CVE-2022-26936 | Windows Server Service Information Disclosure Vulnerability | Important |
| Windows Storage Spaces Controller | CVE-2022-26932 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
| Windows Storage Spaces Controller | CVE-2022-26939 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
| Windows Storage Spaces Controller | CVE-2022-26938 | Storage Spaces Direct Elevation of Privilege Vulnerability | Important |
| Windows WLAN Auto Config Service | CVE-2022-29121 | Windows WLAN AutoConfig Service Denial of Service Vulnerability | Important |
| Windows WLAN Auto Config Service | CVE-2022-26935 | Windows WLAN AutoConfig Service Information Disclosure Vulnerability | Important |
You can check out the complete list of vulnerabilities here.
Download KB5013943 for Windows 11 Version 22H1 (OS Build 22000.675)
For the latest version of Windows 11, you can download KB5013943 and keep your system safe from all the vulnerabilities discussed above.
Apart from the bugfixes, there are a few improvements, highlights and known issues in KB5013943 for Windows 11.
-
Highlights
- Addresses security issues for your Windows operating system.
-
Improvements
- Addresses a known issue that might cause issues for some .NET Framework 3.5 apps or prevent those apps from opening. The affected apps use certain optional components in .NET Framework 3.5, such as Windows Communication Foundation (WCF) and Windows Workflow (WWF) components.
- Addresses a known issue that might cause your screen to flicker if you start your device in Safe Mode. Components that rely on explorer.exe, such as File Explorer, the Start menu, and the taskbar, might be affected and appear unstable.
-
Known Issues
- After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might not start.
For more information, please visit Microsoft KB help page.
Download Links
2022-05 Cumulative Update for Windows 11 for x64-based Systems (KB5013943) [263.1 MB]
2022-05 Cumulative Update for Windows 11 for ARM64-based Systems (KB5013943) [335.6 MB]
All KB5013943 Updates from Microsoft Catalog
Download KB5013942 for Windows 10 20H2, 21H1 and 21H2 (OS Builds 19042.1706, 19043.1706, and 19044.1706)
With this update, Windows 10 20H2 and 1909 have reached the end of service. Users running these versions should upgrade to the latest Windows 10 21H2. Otherwise, users running Home and Pro editions of these Operating Systems will no longer get updates from Windows Update.
Apart from the bugfixes, the following changes have been made in KB5013942 for Windows 10.
Improvements and highlights
- This update contains various security improvements to internal OS functionality. No additional issues were documented for this release.
Windows 10 includes the same known issues as Windows 11.
Download Links
2022-05 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5013942) [666.5 MB]
2022-05 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5013942) [314.2 MB]
2022-05 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5013942) [666.5 MB]
2022-05 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5013942) [314.2 MB]
2022-05 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5013942) [650.4 MB]
2022-05 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5013942) [306.9 MB]
All KB5013942 for Windows 10 download links
At the end, we would highly recommend that you install these updates as soon as possible. If you have an Internet connected or Domain connected system, it can potentially be a target of hackers.
Secondly, if you are running Windows 10 20H2 or Windows 10 Version 1909, you should upgrade to the latest version as these versions will not get further updates from Microsoft.
Windows 11 Cumulative Updates History
| KB Update | Release Date | Features and fixes |
|---|---|---|
| KB5018427/KB5018418 | 12-Oct-22 | – Security improvements and fixes |
| KB5017328 | 14-Sep-22 | – Remotely add languages, Windows Defender blocks ransomware and advanced attacks. |
| KB5016629 | 10-Aug-22 | – Fixed start menu not opening. |
| KB5015814 | 13-Jul-22 | – New feature: Search highlights |
| KB5014697 | 15-Jun-22 | – Windows Spotlight for Desktop – Family safety improvements – Faster file copying and network transfers |
| KB5013943 | 10-May-22 | – (Windows 11) 3 publicly exploits fixed |
| KB5012643 | 25-Apr-22 | – Fix Windows 11 startup delay |
| KB5011493 | 8-Mar-22 | – Clock and dates added to taskbar on multiple monitors. – Weather flyout shifted to left of taskbar. – Mute/Unmute Microsoft Teams from taskbar. |
| KB5010386 | 8-Feb-22 | – An issue with Lightweight Directory Access Protocol (LDAP) was fixed. |
| KB5009566 | 11-Jan-22 | – Introduction of Fluent-style emojis. |
| KB5008215 | 14-Dec-21 | – Few security updates. |
| KB5007215 | 9-Nov-21 | – A display issue regarding certain apps using GDI+ was fixed. |
| KB5006674 | 12-Oct-21 | – A compatibility issue between some Intel “Killer” and “SmartByte” networking software and Windows 11 was fixed. |
