Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2022.0062 Microsoft Patch Tuesday update for Microsoft Windows for March 2022 9 March 2022 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Windows Windows Server Image Extension Video Extension Remote Desktop Client Operating System: Windows Resolution: Patch/Upgrade CVE Names: CVE-2022-24525 CVE-2022-24508 CVE-2022-24507 CVE-2022-24505 CVE-2022-24503 CVE-2022-24502 CVE-2022-24501 CVE-2022-24460 CVE-2022-24459 CVE-2022-24457 CVE-2022-24456 CVE-2022-24455 CVE-2022-24454 CVE-2022-24453 CVE-2022-24452 CVE-2022-24451 CVE-2022-23301 CVE-2022-23300 CVE-2022-23299 CVE-2022-23298 CVE-2022-23297 CVE-2022-23296 CVE-2022-23295 CVE-2022-23294 CVE-2022-23293 CVE-2022-23291 CVE-2022-23290 CVE-2022-23288 CVE-2022-23287 CVE-2022-23286 CVE-2022-23285 CVE-2022-23284 CVE-2022-23283 CVE-2022-23281 CVE-2022-23253 CVE-2022-22010 CVE-2022-22007 CVE-2022-22006 CVE-2022-21990 CVE-2022-21977 CVE-2022-21975 CVE-2022-21973 CVE-2022-21967 Comment: CVSS (Max): 8.8 CVE-2022-24508 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C) CVSS Source: Microsoft Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Microsoft notes that exploitation of CVE-2022-24508 is more likely to be targeted by threat actors. OVERVIEW Microsoft has released its monthly security patch update for the month of March 2022. This update resolves 43 vulnerabilities across the following products: [1] HEIF Image Extension HEVC Video Extension HEVC Video Extensions Raw Image Extension Remote Desktop client VP9 Video Extensions Windows 10 Windows 11 Windows 8.1 Windows RT 8.1 Windows Server Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2022 Azure Edition Core Hotpatch IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity CVE-2022-21967 Elevation of Privilege Important CVE-2022-21973 Denial of Service Important CVE-2022-21975 Denial of Service Important CVE-2022-21977 Information Disclosure Important CVE-2022-21990 Remote Code Execution Important CVE-2022-22006 Remote Code Execution Critical CVE-2022-22007 Remote Code Execution Important CVE-2022-22010 Information Disclosure Important CVE-2022-23253 Denial of Service Important CVE-2022-23281 Information Disclosure Important CVE-2022-23283 Elevation of Privilege Important CVE-2022-23284 Elevation of Privilege Important CVE-2022-23285 Remote Code Execution Important CVE-2022-23286 Elevation of Privilege Important CVE-2022-23287 Elevation of Privilege Important CVE-2022-23288 Elevation of Privilege Important CVE-2022-23290 Elevation of Privilege Important CVE-2022-23291 Elevation of Privilege Important CVE-2022-23293 Elevation of Privilege Important CVE-2022-23294 Remote Code Execution Important CVE-2022-23295 Remote Code Execution Important CVE-2022-23296 Elevation of Privilege Important CVE-2022-23297 Information Disclosure Important CVE-2022-23298 Elevation of Privilege Important CVE-2022-23299 Elevation of Privilege Important CVE-2022-23300 Remote Code Execution Important CVE-2022-23301 Remote Code Execution Important CVE-2022-24451 Remote Code Execution Important CVE-2022-24452 Remote Code Execution Important CVE-2022-24453 Remote Code Execution Important CVE-2022-24454 Elevation of Privilege Important CVE-2022-24455 Elevation of Privilege Important CVE-2022-24456 Remote Code Execution Important CVE-2022-24457 Remote Code Execution Important CVE-2022-24459 Elevation of Privilege Important CVE-2022-24460 Elevation of Privilege Important CVE-2022-24501 Remote Code Execution Critical CVE-2022-24502 Security Feature Bypass Important CVE-2022-24503 Information Disclosure Important CVE-2022-24505 Elevation of Privilege Important CVE-2022-24507 Elevation of Privilege Important CVE-2022-24508 Remote Code Execution Important CVE-2022-24525 Elevation of Privilege Important MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1]. KB5010386, KB5011485, KB5011486, KB5011487, KB5011491 KB5011493, KB5011495, KB5011497, KB5011503, KB5011527 KB5011535, KB5011560, KB5011564, KB5011580 REFERENCES [1] Microsoft Security Update Guidance https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYifzhuNLKJtyKPYoAQhjXg/8D2tdfk81MIm56wDCmdfeAIQaDBUU1SVy v0KxZ5BrykqNTo5z5h+Lin22WyFzLfljaha36cGmDi/6T/PYEzPKogM6lLsix1V1 fGVSZ9TkhtvyM25qfbEP+COcvhs44K3LG+GZWtMwZmeTNV2skw16rI1HnjedTJ1+ Exmv2ViUmqVUvhCmnBZFeiFP8lIgC2llRY8P4xVtM/e62IaoY+8xF4bpAAmsuqEX xyyw0FZC8CuyFnStMx0BuOloBgcg3/YKHedFDAw0DCU54COGPV70v1qL7YXQwpFh G2qAeuelI9ItdmqgRBnHSR7jCfiKyjjIppdiCgOTTBeaiW9wwj+sp9yknxkhjoqM M4fmvljYwJpmLRN+E0YN7xI85kmTRhcGoErGVUyrTyy9itj6fBOHrTW7D0h1f1LN WQ3+0vm9BggMszyfPTiUyiy0vc7Oe6fmb4MD9hB4vq/+5BoIXHi4uFb+LcrS/GhP CSyWyNoUvxfR/bmLIOAkpsxdi+yyxCsdS7ffSIqxqzldcT+iVOOx46PIO59dzhbQ yJdBECIeNpm6HPHyrRycjH1QxXmC0xqejJg6WsLdLnfjQ9jXJssPVi9XmUxKvsNZ HnNGbkJxUs7KGs410QZWcIk28LpoGNmvaQghrCK9wtT+hqK2IBuUoQsvk/uPG7fj 8mY638gGnEc= =ji5s -----END PGP SIGNATURE-----