Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0080
Microsoft Patch Tuesday update for Microsoft Extended
Security Update Products for April 2022
13 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Windows 7
Windows Server 2008
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-26919 CVE-2022-26918 CVE-2022-26917
CVE-2022-26916 CVE-2022-26915 CVE-2022-26904
CVE-2022-26903 CVE-2022-26831 CVE-2022-26829
CVE-2022-26827 CVE-2022-26822 CVE-2022-26821
CVE-2022-26820 CVE-2022-26819 CVE-2022-26815
CVE-2022-26813 CVE-2022-26812 CVE-2022-26810
CVE-2022-26809 CVE-2022-26807 CVE-2022-26803
CVE-2022-26802 CVE-2022-26801 CVE-2022-26798
CVE-2022-26797 CVE-2022-26796 CVE-2022-26794
CVE-2022-26792 CVE-2022-26790 CVE-2022-26787
CVE-2022-24544 CVE-2022-24542 CVE-2022-24541
CVE-2022-24540 CVE-2022-24536 CVE-2022-24534
CVE-2022-24533 CVE-2022-24530 CVE-2022-24528
CVE-2022-24527 CVE-2022-24521 CVE-2022-24500
CVE-2022-24499 CVE-2022-24498 CVE-2022-24494
CVE-2022-24493 CVE-2022-24492 CVE-2022-24485
CVE-2022-24481 CVE-2022-24474 CVE-2022-21983
Comment: CVSS (Max): 9.8 CVE-2022-26809 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS Source: Microsoft
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
OVERVIEW
Microsoft has released its monthly security patch update for the
month of April 2022.
This update resolves 51 vulnerabilities across the following
products: [1]
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2022-21983 Remote Code Execution Important
CVE-2022-24474 Elevation of Privilege Important
CVE-2022-24481 Elevation of Privilege Important
CVE-2022-24485 Remote Code Execution Important
CVE-2022-24492 Remote Code Execution Important
CVE-2022-24493 Information Disclosure Important
CVE-2022-24494 Elevation of Privilege Important
CVE-2022-24498 Information Disclosure Important
CVE-2022-24499 Elevation of Privilege Important
CVE-2022-24500 Remote Code Execution Critical
CVE-2022-24521 Elevation of Privilege Important
CVE-2022-24527 Elevation of Privilege Important
CVE-2022-24528 Remote Code Execution Important
CVE-2022-24530 Elevation of Privilege Important
CVE-2022-24533 Remote Code Execution Important
CVE-2022-24534 Remote Code Execution Important
CVE-2022-24536 Remote Code Execution Important
CVE-2022-24540 Elevation of Privilege Important
CVE-2022-24541 Remote Code Execution Critical
CVE-2022-24542 Elevation of Privilege Important
CVE-2022-24544 Elevation of Privilege Important
CVE-2022-26787 Elevation of Privilege Important
CVE-2022-26790 Elevation of Privilege Important
CVE-2022-26792 Elevation of Privilege Important
CVE-2022-26794 Elevation of Privilege Important
CVE-2022-26796 Elevation of Privilege Important
CVE-2022-26797 Elevation of Privilege Important
CVE-2022-26798 Elevation of Privilege Important
CVE-2022-26801 Elevation of Privilege Important
CVE-2022-26802 Elevation of Privilege Important
CVE-2022-26803 Elevation of Privilege Important
CVE-2022-26807 Elevation of Privilege Important
CVE-2022-26809 Remote Code Execution Critical
CVE-2022-26810 Elevation of Privilege Important
CVE-2022-26812 Remote Code Execution Important
CVE-2022-26813 Remote Code Execution Important
CVE-2022-26815 Remote Code Execution Important
CVE-2022-26819 Remote Code Execution Important
CVE-2022-26820 Remote Code Execution Important
CVE-2022-26821 Remote Code Execution Important
CVE-2022-26822 Remote Code Execution Important
CVE-2022-26827 Elevation of Privilege Important
CVE-2022-26829 Remote Code Execution Important
CVE-2022-26831 Denial of Service Important
CVE-2022-26903 Remote Code Execution Important
CVE-2022-26904 Elevation of Privilege Important
CVE-2022-26915 Denial of Service Important
CVE-2022-26916 Remote Code Execution Important
CVE-2022-26917 Remote Code Execution Important
CVE-2022-26918 Remote Code Execution Important
CVE-2022-26919 Remote Code Execution Critical
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Catalogue for the following
Knowledge Base articles. [1].
KB5011529, KB5011552, KB5012626, KB5012632, KB5012649
KB5012658
REFERENCES
[1] Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYlYm5ONLKJtyKPYoAQiBbw/8D/JUK5Y6xzUw2hzx+pF4eQlzpAu2S0lw
9KGgz3FvTXUO0COn3Pu31LVL+H8kEJnky3OmiEgPk3/tVP/lkCJu0MjbS+CBa2en
Y8Y66rA2jnwMNkg+VpqChpZifIJ478LB1II7D2aUmdGWiFb+xAyGsBN7LAwDHpRr
8FX2ZDmaKdLkYfpRTWwlqUNXuKOXR0APzfxio21yQK7hJVhmNxHUbxoHgK2ZPhMi
P2Tu/nS8jnNI0Nsu9zJR1m9kvGv0kq2D9M1WuaFLZOnj1KZ4DWZThsSGbDvnjFp7
gK6XQBYEPHRk1nqP0sUoJ0MD8GQUgwSlsZMo4Zaq6XPH5qGPBinLn1QeXhqv0zXp
tBxnNB0KDd8PNgmcGXgxBnf6iicFvNsy6vmscxXNNkpcl3aMko2Th+wrUTOJmlcw
FVvn0bWAEmM0LI6kbDIVDO2jMz97AQvOVKbX8tbx2gizoNAaWJm/QYqoKA5Q6DdL
aCkn9E7o3IwjLcILt6Cbg+mCcuhCQQ9ojscrfZrIBIM1YEU/CBt2YnIB7aKjasKP
/8tiRd4zZnIfRYQeV/1l+7/ZAXWkOsX6MLdPkMX9J3OnMdBaOPA0TvAbIdjB5yXR
Kw5eQX6tSW1C0BBMYNXxDSPnoo6PZQ/3BoXTJBMc8YLTOp1w4g1DUD1lnEBs7016
rU2IM51QsOY=
=0GUj
-----END PGP SIGNATURE-----