Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0121
Microsoft Patch Tuesday update for Microsoft Windows for May 2022
11 May 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Windows 10
Windows 11
Windows 8.1
Windows RT 8.1
Windows Server
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-29151 CVE-2022-29150 CVE-2022-29142
CVE-2022-29141 CVE-2022-29140 CVE-2022-29139
CVE-2022-29138 CVE-2022-29137 CVE-2022-29135
CVE-2022-29134 CVE-2022-29133 CVE-2022-29132
CVE-2022-29131 CVE-2022-29130 CVE-2022-29129
CVE-2022-29128 CVE-2022-29127 CVE-2022-29126
CVE-2022-29125 CVE-2022-29123 CVE-2022-29122
CVE-2022-29121 CVE-2022-29120 CVE-2022-29116
CVE-2022-29115 CVE-2022-29114 CVE-2022-29113
CVE-2022-29112 CVE-2022-29106 CVE-2022-29105
CVE-2022-29104 CVE-2022-29103 CVE-2022-29102
CVE-2022-26940 CVE-2022-26939 CVE-2022-26938
CVE-2022-26937 CVE-2022-26936 CVE-2022-26935
CVE-2022-26934 CVE-2022-26933 CVE-2022-26932
CVE-2022-26931 CVE-2022-26930 CVE-2022-26927
CVE-2022-26926 CVE-2022-26925 CVE-2022-26923
CVE-2022-26913 CVE-2022-24466 CVE-2022-23279
CVE-2022-23270 CVE-2022-22713 CVE-2022-22019
CVE-2022-22017 CVE-2022-22016 CVE-2022-22015
CVE-2022-22014 CVE-2022-22013 CVE-2022-22012
CVE-2022-22011 CVE-2022-21972
Comment: CVSS (Max): 9.8 CVE-2022-29130 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS Source: Microsoft
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft reports CVE-2022-26925 being actively exploited
OVERVIEW
Microsoft has released its monthly security patch update for the
month of May 2022.
This update resolves 62 vulnerabilities across the following
products: [1]
Remote Desktop client
Windows 10
Windows 11
Windows 8.1
Windows RT 8.1
Windows Server
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2022-21972 Remote Code Execution Critical
CVE-2022-22011 Information Disclosure Important
CVE-2022-22012 Remote Code Execution Important
CVE-2022-22013 Remote Code Execution Important
CVE-2022-22014 Remote Code Execution Important
CVE-2022-22015 Information Disclosure Important
CVE-2022-22016 Elevation of Privilege Important
CVE-2022-22017 Remote Code Execution Critical
CVE-2022-22019 Remote Code Execution Important
CVE-2022-22713 Denial of Service Important
CVE-2022-23270 Remote Code Execution Critical
CVE-2022-23279 Elevation of Privilege Important
CVE-2022-24466 Security Feature Bypass Important
CVE-2022-26913 Security Feature Bypass Important
CVE-2022-26923 Elevation of Privilege Critical
CVE-2022-26925 Spoofing Important
CVE-2022-26926 Remote Code Execution Important
CVE-2022-26927 Remote Code Execution Important
CVE-2022-26930 Information Disclosure Important
CVE-2022-26931 Elevation of Privilege Critical
CVE-2022-26932 Elevation of Privilege Important
CVE-2022-26933 Information Disclosure Important
CVE-2022-26934 Information Disclosure Important
CVE-2022-26935 Information Disclosure Important
CVE-2022-26936 Information Disclosure Important
CVE-2022-26937 Remote Code Execution Critical
CVE-2022-26938 Elevation of Privilege Important
CVE-2022-26939 Elevation of Privilege Important
CVE-2022-26940 Information Disclosure Important
CVE-2022-29102 Information Disclosure Important
CVE-2022-29103 Elevation of Privilege Important
CVE-2022-29104 Elevation of Privilege Important
CVE-2022-29105 Remote Code Execution Important
CVE-2022-29106 Elevation of Privilege Important
CVE-2022-29112 Information Disclosure Important
CVE-2022-29113 Elevation of Privilege Important
CVE-2022-29114 Information Disclosure Important
CVE-2022-29115 Remote Code Execution Important
CVE-2022-29116 Information Disclosure Important
CVE-2022-29120 Information Disclosure Important
CVE-2022-29121 Denial of Service Important
CVE-2022-29122 Information Disclosure Important
CVE-2022-29123 Information Disclosure Important
CVE-2022-29125 Elevation of Privilege Important
CVE-2022-29126 Elevation of Privilege Important
CVE-2022-29127 Security Feature Bypass Important
CVE-2022-29128 Remote Code Execution Important
CVE-2022-29129 Remote Code Execution Important
CVE-2022-29130 Remote Code Execution Important
CVE-2022-29131 Remote Code Execution Important
CVE-2022-29132 Elevation of Privilege Important
CVE-2022-29133 Elevation of Privilege Important
CVE-2022-29134 Information Disclosure Important
CVE-2022-29135 Elevation of Privilege Important
CVE-2022-29137 Remote Code Execution Important
CVE-2022-29138 Elevation of Privilege Important
CVE-2022-29139 Remote Code Execution Important
CVE-2022-29140 Information Disclosure Important
CVE-2022-29141 Remote Code Execution Important
CVE-2022-29142 Elevation of Privilege Important
CVE-2022-29150 Elevation of Privilege Important
CVE-2022-29151 Elevation of Privilege Important
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Catalogue for the following
Knowledge Base articles. [1].
KB5013941, KB5013942, KB5013943, KB5013944, KB5013945
KB5013952, KB5013963, KB5014001, KB5014011, KB5014017
KB5014018, KB5014025
REFERENCES
[1] Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYnsE0ONLKJtyKPYoAQi5VBAAqDegNbx8ZR0OHAytqoy6IT1hqBzoCT2N
ymoMUQlXAh3BvnPa+t0dvAXhcSYpIlOr9xdnhldrbEQLwz5IWSO6AW4QT9PgmDJe
+nSExBRsSScwltB6w457zie7LKbGtspX7zl7TLL0J+m1QQ3efW+CewCIATxU7SJ7
73Txpsf9Mbn/5/JJF5MM48TwlT1K4HHJOdzZ/ZM7Mw3sxCRPXp0UiVDwjU/oLa4S
KO3BrY2Uo7rvPtztarNeeSw8mk4N0pwPnTGJcl2gw4ZLkAa3M8L742DP89F5IpZZ
wEN+oW0h0muJ6D0E5EnHK8YnEne052d8eqg8FMrwCPZiJgBZWVVtsqimj2ThHHCv
jAWsduyDFjjY/1ZJBUrhdZDQKtRsg3lrAZkitsCmBgyiiPVVc75Uh1t4yK9XDYDQ
lDInk4q8kHEAZNC1oZ4cnjbXRW/RoCjne9cwEOyynLGHyI4YVlK43K+LciWiqLek
Frj37gyLegkftYJy/GTYi3HF9w2U9yIfjFGr6TovOpecFZAAbyhCKHP2hwe9oUUd
0/2507m6W6I2Pwt/vBXF2seBhVaYenUdJf9sZw7uw1OY4tFGSLGJV9L76ZkISkhz
YpTC3hA1ASsv1d9W9SORDEJmSpGLD1UWggYtfNMLER9av++gVdNgVpo92VlXATW+
kPOE/3c/YRM=
=SuUa
-----END PGP SIGNATURE-----