Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2022.0121 Microsoft Patch Tuesday update for Microsoft Windows for May 2022 11 May 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Windows 10 Windows 11 Windows 8.1 Windows RT 8.1 Windows Server Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows Server 2022 Operating System: Windows Resolution: Patch/Upgrade CVE Names: CVE-2022-29151 CVE-2022-29150 CVE-2022-29142 CVE-2022-29141 CVE-2022-29140 CVE-2022-29139 CVE-2022-29138 CVE-2022-29137 CVE-2022-29135 CVE-2022-29134 CVE-2022-29133 CVE-2022-29132 CVE-2022-29131 CVE-2022-29130 CVE-2022-29129 CVE-2022-29128 CVE-2022-29127 CVE-2022-29126 CVE-2022-29125 CVE-2022-29123 CVE-2022-29122 CVE-2022-29121 CVE-2022-29120 CVE-2022-29116 CVE-2022-29115 CVE-2022-29114 CVE-2022-29113 CVE-2022-29112 CVE-2022-29106 CVE-2022-29105 CVE-2022-29104 CVE-2022-29103 CVE-2022-29102 CVE-2022-26940 CVE-2022-26939 CVE-2022-26938 CVE-2022-26937 CVE-2022-26936 CVE-2022-26935 CVE-2022-26934 CVE-2022-26933 CVE-2022-26932 CVE-2022-26931 CVE-2022-26930 CVE-2022-26927 CVE-2022-26926 CVE-2022-26925 CVE-2022-26923 CVE-2022-26913 CVE-2022-24466 CVE-2022-23279 CVE-2022-23270 CVE-2022-22713 CVE-2022-22019 CVE-2022-22017 CVE-2022-22016 CVE-2022-22015 CVE-2022-22014 CVE-2022-22013 CVE-2022-22012 CVE-2022-22011 CVE-2022-21972 Comment: CVSS (Max): 9.8 CVE-2022-29130 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C) CVSS Source: Microsoft Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Microsoft reports CVE-2022-26925 being actively exploited OVERVIEW Microsoft has released its monthly security patch update for the month of May 2022. This update resolves 62 vulnerabilities across the following products: [1] Remote Desktop client Windows 10 Windows 11 Windows 8.1 Windows RT 8.1 Windows Server Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows Server 2022 IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity CVE-2022-21972 Remote Code Execution Critical CVE-2022-22011 Information Disclosure Important CVE-2022-22012 Remote Code Execution Important CVE-2022-22013 Remote Code Execution Important CVE-2022-22014 Remote Code Execution Important CVE-2022-22015 Information Disclosure Important CVE-2022-22016 Elevation of Privilege Important CVE-2022-22017 Remote Code Execution Critical CVE-2022-22019 Remote Code Execution Important CVE-2022-22713 Denial of Service Important CVE-2022-23270 Remote Code Execution Critical CVE-2022-23279 Elevation of Privilege Important CVE-2022-24466 Security Feature Bypass Important CVE-2022-26913 Security Feature Bypass Important CVE-2022-26923 Elevation of Privilege Critical CVE-2022-26925 Spoofing Important CVE-2022-26926 Remote Code Execution Important CVE-2022-26927 Remote Code Execution Important CVE-2022-26930 Information Disclosure Important CVE-2022-26931 Elevation of Privilege Critical CVE-2022-26932 Elevation of Privilege Important CVE-2022-26933 Information Disclosure Important CVE-2022-26934 Information Disclosure Important CVE-2022-26935 Information Disclosure Important CVE-2022-26936 Information Disclosure Important CVE-2022-26937 Remote Code Execution Critical CVE-2022-26938 Elevation of Privilege Important CVE-2022-26939 Elevation of Privilege Important CVE-2022-26940 Information Disclosure Important CVE-2022-29102 Information Disclosure Important CVE-2022-29103 Elevation of Privilege Important CVE-2022-29104 Elevation of Privilege Important CVE-2022-29105 Remote Code Execution Important CVE-2022-29106 Elevation of Privilege Important CVE-2022-29112 Information Disclosure Important CVE-2022-29113 Elevation of Privilege Important CVE-2022-29114 Information Disclosure Important CVE-2022-29115 Remote Code Execution Important CVE-2022-29116 Information Disclosure Important CVE-2022-29120 Information Disclosure Important CVE-2022-29121 Denial of Service Important CVE-2022-29122 Information Disclosure Important CVE-2022-29123 Information Disclosure Important CVE-2022-29125 Elevation of Privilege Important CVE-2022-29126 Elevation of Privilege Important CVE-2022-29127 Security Feature Bypass Important CVE-2022-29128 Remote Code Execution Important CVE-2022-29129 Remote Code Execution Important CVE-2022-29130 Remote Code Execution Important CVE-2022-29131 Remote Code Execution Important CVE-2022-29132 Elevation of Privilege Important CVE-2022-29133 Elevation of Privilege Important CVE-2022-29134 Information Disclosure Important CVE-2022-29135 Elevation of Privilege Important CVE-2022-29137 Remote Code Execution Important CVE-2022-29138 Elevation of Privilege Important CVE-2022-29139 Remote Code Execution Important CVE-2022-29140 Information Disclosure Important CVE-2022-29141 Remote Code Execution Important CVE-2022-29142 Elevation of Privilege Important CVE-2022-29150 Elevation of Privilege Important CVE-2022-29151 Elevation of Privilege Important MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1]. KB5013941, KB5013942, KB5013943, KB5013944, KB5013945 KB5013952, KB5013963, KB5014001, KB5014011, KB5014017 KB5014018, KB5014025 REFERENCES [1] Microsoft Security Update Guidance https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYnsE0ONLKJtyKPYoAQi5VBAAqDegNbx8ZR0OHAytqoy6IT1hqBzoCT2N ymoMUQlXAh3BvnPa+t0dvAXhcSYpIlOr9xdnhldrbEQLwz5IWSO6AW4QT9PgmDJe +nSExBRsSScwltB6w457zie7LKbGtspX7zl7TLL0J+m1QQ3efW+CewCIATxU7SJ7 73Txpsf9Mbn/5/JJF5MM48TwlT1K4HHJOdzZ/ZM7Mw3sxCRPXp0UiVDwjU/oLa4S KO3BrY2Uo7rvPtztarNeeSw8mk4N0pwPnTGJcl2gw4ZLkAa3M8L742DP89F5IpZZ wEN+oW0h0muJ6D0E5EnHK8YnEne052d8eqg8FMrwCPZiJgBZWVVtsqimj2ThHHCv jAWsduyDFjjY/1ZJBUrhdZDQKtRsg3lrAZkitsCmBgyiiPVVc75Uh1t4yK9XDYDQ lDInk4q8kHEAZNC1oZ4cnjbXRW/RoCjne9cwEOyynLGHyI4YVlK43K+LciWiqLek Frj37gyLegkftYJy/GTYi3HF9w2U9yIfjFGr6TovOpecFZAAbyhCKHP2hwe9oUUd 0/2507m6W6I2Pwt/vBXF2seBhVaYenUdJf9sZw7uw1OY4tFGSLGJV9L76ZkISkhz YpTC3hA1ASsv1d9W9SORDEJmSpGLD1UWggYtfNMLER9av++gVdNgVpo92VlXATW+ kPOE/3c/YRM= =SuUa -----END PGP SIGNATURE-----