Operating System:

[Win]

Published:

13 April 2022

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0085
    Microsoft Patch Tuesday update for Microsoft Windows for April 2022
                               13 April 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          HEVC Video Extensions
                  Windows 10, 11, 8.1 and RT 8.1
                  Windows Server
                  Windows Upgrade Assistant
Operating System: Windows
Resolution:       Patch/Upgrade
CVE Names:        CVE-2022-26920 CVE-2022-26919 CVE-2022-26918
                  CVE-2022-26917 CVE-2022-26916 CVE-2022-26915
                  CVE-2022-26914 CVE-2022-26904 CVE-2022-26903
                  CVE-2022-26831 CVE-2022-26830 CVE-2022-26829
                  CVE-2022-26828 CVE-2022-26827 CVE-2022-26826
                  CVE-2022-26825 CVE-2022-26824 CVE-2022-26823
                  CVE-2022-26822 CVE-2022-26821 CVE-2022-26820
                  CVE-2022-26819 CVE-2022-26818 CVE-2022-26817
                  CVE-2022-26816 CVE-2022-26815 CVE-2022-26814
                  CVE-2022-26813 CVE-2022-26812 CVE-2022-26811
                  CVE-2022-26810 CVE-2022-26809 CVE-2022-26808
                  CVE-2022-26807 CVE-2022-26803 CVE-2022-26802
                  CVE-2022-26801 CVE-2022-26798 CVE-2022-26797
                  CVE-2022-26796 CVE-2022-26795 CVE-2022-26794
                  CVE-2022-26793 CVE-2022-26792 CVE-2022-26791
                  CVE-2022-26790 CVE-2022-26789 CVE-2022-26788
                  CVE-2022-26787 CVE-2022-26786 CVE-2022-26785
                  CVE-2022-26784 CVE-2022-26783 CVE-2022-24550
                  CVE-2022-24549 CVE-2022-24547 CVE-2022-24546
                  CVE-2022-24545 CVE-2022-24544 CVE-2022-24543
                  CVE-2022-24542 CVE-2022-24541 CVE-2022-24540
                  CVE-2022-24539 CVE-2022-24538 CVE-2022-24537
                  CVE-2022-24536 CVE-2022-24534 CVE-2022-24533
                  CVE-2022-24532 CVE-2022-24530 CVE-2022-24528
                  CVE-2022-24527 CVE-2022-24521 CVE-2022-24500
                  CVE-2022-24499 CVE-2022-24498 CVE-2022-24496
                  CVE-2022-24495 CVE-2022-24494 CVE-2022-24493
                  CVE-2022-24492 CVE-2022-24491 CVE-2022-24490
                  CVE-2022-24489 CVE-2022-24488 CVE-2022-24487
                  CVE-2022-24486 CVE-2022-24485 CVE-2022-24484
                  CVE-2022-24483 CVE-2022-24481 CVE-2022-24479
                  CVE-2022-24474 CVE-2022-23268 CVE-2022-23257
                  CVE-2022-22009 CVE-2022-22008 CVE-2022-21983

Comment: CVSS (Max):  9.8 CVE-2022-26809 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of April 2022.
        
        This update resolves 99 vulnerabilities across the following
        products: [1]
        
         HEVC Video Extension
         HEVC Video Extensions
         Windows 10
         Windows 11
         Windows 8.1
         Windows RT 8.1
         Windows Server
         Windows Server 2012
         Windows Server 2012 R2
         Windows Server 2016
         Windows Server 2019
         Windows Server 2022
         Windows Upgrade Assistant


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2022-21983  Remote Code Execution    Important
         CVE-2022-22008  Remote Code Execution    Critical
         CVE-2022-22009  Remote Code Execution    Important
         CVE-2022-23257  Remote Code Execution    Critical
         CVE-2022-23268  Denial of Service        Important
         CVE-2022-24474  Elevation of Privilege   Important
         CVE-2022-24479  Elevation of Privilege   Important
         CVE-2022-24481  Elevation of Privilege   Important
         CVE-2022-24483  Information Disclosure   Important
         CVE-2022-24484  Denial of Service        Important
         CVE-2022-24485  Remote Code Execution    Important
         CVE-2022-24486  Elevation of Privilege   Important
         CVE-2022-24487  Remote Code Execution    Important
         CVE-2022-24488  Elevation of Privilege   Important
         CVE-2022-24489  Elevation of Privilege   Important
         CVE-2022-24490  Information Disclosure   Important
         CVE-2022-24491  Remote Code Execution    Critical
         CVE-2022-24492  Remote Code Execution    Important
         CVE-2022-24493  Information Disclosure   Important
         CVE-2022-24494  Elevation of Privilege   Important
         CVE-2022-24495  Remote Code Execution    Important
         CVE-2022-24496  Elevation of Privilege   Important
         CVE-2022-24498  Information Disclosure   Important
         CVE-2022-24499  Elevation of Privilege   Important
         CVE-2022-24500  Remote Code Execution    Critical
         CVE-2022-24521  Elevation of Privilege   Important
         CVE-2022-24527  Elevation of Privilege   Important
         CVE-2022-24528  Remote Code Execution    Important
         CVE-2022-24530  Elevation of Privilege   Important
         CVE-2022-24532  Remote Code Execution    Important
         CVE-2022-24533  Remote Code Execution    Important
         CVE-2022-24534  Remote Code Execution    Important
         CVE-2022-24536  Remote Code Execution    Important
         CVE-2022-24537  Remote Code Execution    Critical
         CVE-2022-24538  Denial of Service        Important
         CVE-2022-24539  Information Disclosure   Important
         CVE-2022-24540  Elevation of Privilege   Important
         CVE-2022-24541  Remote Code Execution    Critical
         CVE-2022-24542  Elevation of Privilege   Important
         CVE-2022-24543  Remote Code Execution    Important
         CVE-2022-24544  Elevation of Privilege   Important
         CVE-2022-24545  Remote Code Execution    Important
         CVE-2022-24546  Elevation of Privilege   Important
         CVE-2022-24547  Elevation of Privilege   Important
         CVE-2022-24549  Elevation of Privilege   Important
         CVE-2022-24550  Elevation of Privilege   Important
         CVE-2022-26783  Information Disclosure   Important
         CVE-2022-26784  Denial of Service        Important
         CVE-2022-26785  Information Disclosure   Important
         CVE-2022-26786  Elevation of Privilege   Important
         CVE-2022-26787  Elevation of Privilege   Important
         CVE-2022-26788  Elevation of Privilege   Important
         CVE-2022-26789  Elevation of Privilege   Important
         CVE-2022-26790  Elevation of Privilege   Important
         CVE-2022-26791  Elevation of Privilege   Important
         CVE-2022-26792  Elevation of Privilege   Important
         CVE-2022-26793  Elevation of Privilege   Important
         CVE-2022-26794  Elevation of Privilege   Important
         CVE-2022-26795  Elevation of Privilege   Important
         CVE-2022-26796  Elevation of Privilege   Important
         CVE-2022-26797  Elevation of Privilege   Important
         CVE-2022-26798  Elevation of Privilege   Important
         CVE-2022-26801  Elevation of Privilege   Important
         CVE-2022-26802  Elevation of Privilege   Important
         CVE-2022-26803  Elevation of Privilege   Important
         CVE-2022-26807  Elevation of Privilege   Important
         CVE-2022-26808  Elevation of Privilege   Important
         CVE-2022-26809  Remote Code Execution    Critical
         CVE-2022-26810  Elevation of Privilege   Important
         CVE-2022-26811  Remote Code Execution    Important
         CVE-2022-26812  Remote Code Execution    Important
         CVE-2022-26813  Remote Code Execution    Important
         CVE-2022-26814  Remote Code Execution    Important
         CVE-2022-26815  Remote Code Execution    Important
         CVE-2022-26816  Information Disclosure   Important
         CVE-2022-26817  Remote Code Execution    Important
         CVE-2022-26818  Remote Code Execution    Important
         CVE-2022-26819  Remote Code Execution    Important
         CVE-2022-26820  Remote Code Execution    Important
         CVE-2022-26821  Remote Code Execution    Important
         CVE-2022-26822  Remote Code Execution    Important
         CVE-2022-26823  Remote Code Execution    Important
         CVE-2022-26824  Remote Code Execution    Important
         CVE-2022-26825  Remote Code Execution    Important
         CVE-2022-26826  Remote Code Execution    Important
         CVE-2022-26827  Elevation of Privilege   Important
         CVE-2022-26828  Elevation of Privilege   Important
         CVE-2022-26829  Remote Code Execution    Important
         CVE-2022-26830  Remote Code Execution    Important
         CVE-2022-26831  Denial of Service        Important
         CVE-2022-26903  Remote Code Execution    Important
         CVE-2022-26904  Elevation of Privilege   Important
         CVE-2022-26914  Elevation of Privilege   Important
         CVE-2022-26915  Denial of Service        Important
         CVE-2022-26916  Remote Code Execution    Important
         CVE-2022-26917  Remote Code Execution    Important
         CVE-2022-26918  Remote Code Execution    Important
         CVE-2022-26919  Remote Code Execution    Critical
         CVE-2022-26920  Information Disclosure   Important


MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1].
        
         KB5012591, KB5012592, KB5012596, KB5012599, KB5012604
         KB5012639, KB5012647, KB5012650, KB5012653, KB5012666
         KB5012670


REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYlYno+NLKJtyKPYoAQi9uRAAmfOZNlODRV2489+BxHGdyytkuyIfKx+S
cizoe5YodcPhasmT6dQpZ91ZPNhHsuxw4Xl4eU9K+nhcoFW49BOc5tKaX4X4UNtE
PMQQvbDZfaBSwvkTa6UaGNFQIxTGu73IIFV0/Klk1HCv9RtTpFAln0aEwgNwgc0U
CKJ2iTkESSfvZED9/JQfzQiuG7CRY+6deUZKHXZJeJJcyqR+rCkbr1DFDwMVtA+M
TtMMgFyhBDwYCaEjjkriPyisluv33YvdWIBwHzc1j0a2mf5pKFRA/gK1iP3xJ5lm
CAzzMrV7TDJ5wl05K4ifbAR955gL7YlpwS2oImgJbpkzVUxdDGcbGpN7+F2GKLm/
KrLkz3tvPRCzSemBLaeqkTeWho8VY4EItiy9EKFbyc9U9/vcDAoJsbKmeAk3IKjB
ZSMDs5o3TmOi5AGG8ZbQnP97OicQYAjDR7peIlwW/93yPx7FV2yvjkzUVYIlDtZI
CZj+8lJzupbehvc+fm6e8x3RR8BNoD8w0L/xLpPWeED55XoAhm1y+dALv8+ZYbTi
uQbicHPbnDPqPnWdu+yfeohUR3GtA0InOvn2U/dsIuuyu9Nz2+x6haBqIz61Tm+f
kI1FB06GVEVectu3oGYAaRNquYzVp0iE3Ui8uNyxiAtdO9uZOMG1TNNA/uQ9NSDU
LRvAI/QphyI=
=QoD4
-----END PGP SIGNATURE-----