Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0085
Microsoft Patch Tuesday update for Microsoft Windows for April 2022
13 April 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: HEVC Video Extensions
Windows 10, 11, 8.1 and RT 8.1
Windows Server
Windows Upgrade Assistant
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-26920 CVE-2022-26919 CVE-2022-26918
CVE-2022-26917 CVE-2022-26916 CVE-2022-26915
CVE-2022-26914 CVE-2022-26904 CVE-2022-26903
CVE-2022-26831 CVE-2022-26830 CVE-2022-26829
CVE-2022-26828 CVE-2022-26827 CVE-2022-26826
CVE-2022-26825 CVE-2022-26824 CVE-2022-26823
CVE-2022-26822 CVE-2022-26821 CVE-2022-26820
CVE-2022-26819 CVE-2022-26818 CVE-2022-26817
CVE-2022-26816 CVE-2022-26815 CVE-2022-26814
CVE-2022-26813 CVE-2022-26812 CVE-2022-26811
CVE-2022-26810 CVE-2022-26809 CVE-2022-26808
CVE-2022-26807 CVE-2022-26803 CVE-2022-26802
CVE-2022-26801 CVE-2022-26798 CVE-2022-26797
CVE-2022-26796 CVE-2022-26795 CVE-2022-26794
CVE-2022-26793 CVE-2022-26792 CVE-2022-26791
CVE-2022-26790 CVE-2022-26789 CVE-2022-26788
CVE-2022-26787 CVE-2022-26786 CVE-2022-26785
CVE-2022-26784 CVE-2022-26783 CVE-2022-24550
CVE-2022-24549 CVE-2022-24547 CVE-2022-24546
CVE-2022-24545 CVE-2022-24544 CVE-2022-24543
CVE-2022-24542 CVE-2022-24541 CVE-2022-24540
CVE-2022-24539 CVE-2022-24538 CVE-2022-24537
CVE-2022-24536 CVE-2022-24534 CVE-2022-24533
CVE-2022-24532 CVE-2022-24530 CVE-2022-24528
CVE-2022-24527 CVE-2022-24521 CVE-2022-24500
CVE-2022-24499 CVE-2022-24498 CVE-2022-24496
CVE-2022-24495 CVE-2022-24494 CVE-2022-24493
CVE-2022-24492 CVE-2022-24491 CVE-2022-24490
CVE-2022-24489 CVE-2022-24488 CVE-2022-24487
CVE-2022-24486 CVE-2022-24485 CVE-2022-24484
CVE-2022-24483 CVE-2022-24481 CVE-2022-24479
CVE-2022-24474 CVE-2022-23268 CVE-2022-23257
CVE-2022-22009 CVE-2022-22008 CVE-2022-21983
Comment: CVSS (Max): 9.8 CVE-2022-26809 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS Source: Microsoft
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
OVERVIEW
Microsoft has released its monthly security patch update for the
month of April 2022.
This update resolves 99 vulnerabilities across the following
products: [1]
HEVC Video Extension
HEVC Video Extensions
Windows 10
Windows 11
Windows 8.1
Windows RT 8.1
Windows Server
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
Windows Upgrade Assistant
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2022-21983 Remote Code Execution Important
CVE-2022-22008 Remote Code Execution Critical
CVE-2022-22009 Remote Code Execution Important
CVE-2022-23257 Remote Code Execution Critical
CVE-2022-23268 Denial of Service Important
CVE-2022-24474 Elevation of Privilege Important
CVE-2022-24479 Elevation of Privilege Important
CVE-2022-24481 Elevation of Privilege Important
CVE-2022-24483 Information Disclosure Important
CVE-2022-24484 Denial of Service Important
CVE-2022-24485 Remote Code Execution Important
CVE-2022-24486 Elevation of Privilege Important
CVE-2022-24487 Remote Code Execution Important
CVE-2022-24488 Elevation of Privilege Important
CVE-2022-24489 Elevation of Privilege Important
CVE-2022-24490 Information Disclosure Important
CVE-2022-24491 Remote Code Execution Critical
CVE-2022-24492 Remote Code Execution Important
CVE-2022-24493 Information Disclosure Important
CVE-2022-24494 Elevation of Privilege Important
CVE-2022-24495 Remote Code Execution Important
CVE-2022-24496 Elevation of Privilege Important
CVE-2022-24498 Information Disclosure Important
CVE-2022-24499 Elevation of Privilege Important
CVE-2022-24500 Remote Code Execution Critical
CVE-2022-24521 Elevation of Privilege Important
CVE-2022-24527 Elevation of Privilege Important
CVE-2022-24528 Remote Code Execution Important
CVE-2022-24530 Elevation of Privilege Important
CVE-2022-24532 Remote Code Execution Important
CVE-2022-24533 Remote Code Execution Important
CVE-2022-24534 Remote Code Execution Important
CVE-2022-24536 Remote Code Execution Important
CVE-2022-24537 Remote Code Execution Critical
CVE-2022-24538 Denial of Service Important
CVE-2022-24539 Information Disclosure Important
CVE-2022-24540 Elevation of Privilege Important
CVE-2022-24541 Remote Code Execution Critical
CVE-2022-24542 Elevation of Privilege Important
CVE-2022-24543 Remote Code Execution Important
CVE-2022-24544 Elevation of Privilege Important
CVE-2022-24545 Remote Code Execution Important
CVE-2022-24546 Elevation of Privilege Important
CVE-2022-24547 Elevation of Privilege Important
CVE-2022-24549 Elevation of Privilege Important
CVE-2022-24550 Elevation of Privilege Important
CVE-2022-26783 Information Disclosure Important
CVE-2022-26784 Denial of Service Important
CVE-2022-26785 Information Disclosure Important
CVE-2022-26786 Elevation of Privilege Important
CVE-2022-26787 Elevation of Privilege Important
CVE-2022-26788 Elevation of Privilege Important
CVE-2022-26789 Elevation of Privilege Important
CVE-2022-26790 Elevation of Privilege Important
CVE-2022-26791 Elevation of Privilege Important
CVE-2022-26792 Elevation of Privilege Important
CVE-2022-26793 Elevation of Privilege Important
CVE-2022-26794 Elevation of Privilege Important
CVE-2022-26795 Elevation of Privilege Important
CVE-2022-26796 Elevation of Privilege Important
CVE-2022-26797 Elevation of Privilege Important
CVE-2022-26798 Elevation of Privilege Important
CVE-2022-26801 Elevation of Privilege Important
CVE-2022-26802 Elevation of Privilege Important
CVE-2022-26803 Elevation of Privilege Important
CVE-2022-26807 Elevation of Privilege Important
CVE-2022-26808 Elevation of Privilege Important
CVE-2022-26809 Remote Code Execution Critical
CVE-2022-26810 Elevation of Privilege Important
CVE-2022-26811 Remote Code Execution Important
CVE-2022-26812 Remote Code Execution Important
CVE-2022-26813 Remote Code Execution Important
CVE-2022-26814 Remote Code Execution Important
CVE-2022-26815 Remote Code Execution Important
CVE-2022-26816 Information Disclosure Important
CVE-2022-26817 Remote Code Execution Important
CVE-2022-26818 Remote Code Execution Important
CVE-2022-26819 Remote Code Execution Important
CVE-2022-26820 Remote Code Execution Important
CVE-2022-26821 Remote Code Execution Important
CVE-2022-26822 Remote Code Execution Important
CVE-2022-26823 Remote Code Execution Important
CVE-2022-26824 Remote Code Execution Important
CVE-2022-26825 Remote Code Execution Important
CVE-2022-26826 Remote Code Execution Important
CVE-2022-26827 Elevation of Privilege Important
CVE-2022-26828 Elevation of Privilege Important
CVE-2022-26829 Remote Code Execution Important
CVE-2022-26830 Remote Code Execution Important
CVE-2022-26831 Denial of Service Important
CVE-2022-26903 Remote Code Execution Important
CVE-2022-26904 Elevation of Privilege Important
CVE-2022-26914 Elevation of Privilege Important
CVE-2022-26915 Denial of Service Important
CVE-2022-26916 Remote Code Execution Important
CVE-2022-26917 Remote Code Execution Important
CVE-2022-26918 Remote Code Execution Important
CVE-2022-26919 Remote Code Execution Critical
CVE-2022-26920 Information Disclosure Important
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Catalogue for the following
Knowledge Base articles. [1].
KB5012591, KB5012592, KB5012596, KB5012599, KB5012604
KB5012639, KB5012647, KB5012650, KB5012653, KB5012666
KB5012670
REFERENCES
[1] Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYlYno+NLKJtyKPYoAQi9uRAAmfOZNlODRV2489+BxHGdyytkuyIfKx+S
cizoe5YodcPhasmT6dQpZ91ZPNhHsuxw4Xl4eU9K+nhcoFW49BOc5tKaX4X4UNtE
PMQQvbDZfaBSwvkTa6UaGNFQIxTGu73IIFV0/Klk1HCv9RtTpFAln0aEwgNwgc0U
CKJ2iTkESSfvZED9/JQfzQiuG7CRY+6deUZKHXZJeJJcyqR+rCkbr1DFDwMVtA+M
TtMMgFyhBDwYCaEjjkriPyisluv33YvdWIBwHzc1j0a2mf5pKFRA/gK1iP3xJ5lm
CAzzMrV7TDJ5wl05K4ifbAR955gL7YlpwS2oImgJbpkzVUxdDGcbGpN7+F2GKLm/
KrLkz3tvPRCzSemBLaeqkTeWho8VY4EItiy9EKFbyc9U9/vcDAoJsbKmeAk3IKjB
ZSMDs5o3TmOi5AGG8ZbQnP97OicQYAjDR7peIlwW/93yPx7FV2yvjkzUVYIlDtZI
CZj+8lJzupbehvc+fm6e8x3RR8BNoD8w0L/xLpPWeED55XoAhm1y+dALv8+ZYbTi
uQbicHPbnDPqPnWdu+yfeohUR3GtA0InOvn2U/dsIuuyu9Nz2+x6haBqIz61Tm+f
kI1FB06GVEVectu3oGYAaRNquYzVp0iE3Ui8uNyxiAtdO9uZOMG1TNNA/uQ9NSDU
LRvAI/QphyI=
=QoD4
-----END PGP SIGNATURE-----