www.belgium.be Logo of the federal government


Advisory #2022-001
Affected software: 
Microsoft’s HTTP Protocol Stack (http.sys)
Microsoft Exchange Server
Windows Security Center API
Windows Remote Desktop Protocol (RDP)
Remote Code Execution + Various

97 vulnerabilities, of which:

  • 41 Elevation of Privilege Vulnerabilities
  • 29 Remote Code Execution Vulnerabilities
  • 9 Denial of Service Vulnerabilities
  • 9 Security Feature Bypass
  • 3 Spoofing Vulnerabilities
  • 6 Information Disclosure Vulnerabilities

9 Critical:

  • CVE-2022-21846 | Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2022-21840 | Microsoft Office Remote Code Execution Vulnerability
  • CVE-2022-21917 | HEVC Video Extensions Remote Code Execution Vulnerability        
  • CVE-2021-22947 | Open Source Curl Remote Code Execution Vulnerability
  • CVE-2022-21857 | Active Directory Domain Services Elevation of Privilege Vulnerability
  • CVE-2022-21898 | DirectX Graphics Kernel Remote Code Execution Vulnerability
  • CVE-2022-21912 | DirectX Graphics Kernel Remote Code Execution Vulnerability
  • CVE-2022-21907 | HTTP Protocol Stack Remote Code Execution Vulnerability
  • CVE-2022-21833 | Virtual Machine IDE Drive Elevation of Privilege Vulnerability

Actively exploited:

  • The 6 zero-day vulnerabilities are not actively exploited in the wild.


Multiple vulnerabilities in Microsoft products, posing a range of risks. Some vulnerabilities may crash the targeted device, while others can be used to take complete control over the device.

This month’s Patch Tuesday includes several severe vulnerabilities for a wide range of Microsoft products, including vulnerabilities in Microsoft Exchange and Windows Remote Desktop, that can be used to run arbitrary code on the vulnerable device remotely. Nine vulnerabilities are marked as “Critical” by Microsoft and require urgent attention.

Several vulnerabilities, including critical ones, are applicable for both Microsoft Server and Workstation.

Other vulnerabilities are also present, ranging from "Moderate" to “Critical”. In total, Microsoft released patches for 97 vulnerabilities. 9 of these vulnerabilities have the highest severity (Critical).


Microsoft has released multiple patches for vulnerabilities covering a range of their products. These monthly releases are called “Patch Tuesday”, and contain security fixes for Microsoft devices and software. This month’s release covers 97 vulnerabilities, 6 of which are considered zero-day vulnerabilities. Due to the high severity and risk of these vulnerabilities, urgent patching is advised.

Recommended Actions

CERT.be recommends installing updates for vulnerable devices with the highest priority. Updates can be done through Microsoft’s Update panel, and/or through their Security Advisory website.