Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2022.0122
Microsoft Patch Tuesday update for Microsoft Extended
Security Update (ESU) products for May 2022
11 May 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Windows 7
Windows Server 2008 R2
Windows Server 2008
Operating System: Windows
Resolution: Patch/Upgrade
CVE Names: CVE-2022-29141 CVE-2022-29139 CVE-2022-29137
CVE-2022-29132 CVE-2022-29130 CVE-2022-29129
CVE-2022-29128 CVE-2022-29127 CVE-2022-29121
CVE-2022-29115 CVE-2022-29112 CVE-2022-29105
CVE-2022-29103 CVE-2022-26937 CVE-2022-26936
CVE-2022-26935 CVE-2022-26934 CVE-2022-26931
CVE-2022-26926 CVE-2022-26925 CVE-2022-23270
CVE-2022-22019 CVE-2022-22015 CVE-2022-22014
CVE-2022-22013 CVE-2022-22012 CVE-2022-22011
CVE-2022-21972
Comment: CVSS (Max): 9.8 CVE-2022-29130 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
CVSS Source: Microsoft
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Microsoft reports CVE-2022-26925 being actively exploited
OVERVIEW
Microsoft has released its monthly security patch update for the
month of May 2022.
This update resolves 28 vulnerabilities across the following
products: [1]
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
IMPACT
Microsoft has given the following details regarding these vulnerabilities.
Details Impact Severity
CVE-2022-21972 Remote Code Execution Critical
CVE-2022-22011 Information Disclosure Important
CVE-2022-22012 Remote Code Execution Important
CVE-2022-22013 Remote Code Execution Important
CVE-2022-22014 Remote Code Execution Important
CVE-2022-22015 Information Disclosure Important
CVE-2022-22019 Remote Code Execution Important
CVE-2022-23270 Remote Code Execution Critical
CVE-2022-26925 Spoofing Important
CVE-2022-26926 Remote Code Execution Important
CVE-2022-26931 Elevation of Privilege Critical
CVE-2022-26934 Information Disclosure Important
CVE-2022-26935 Information Disclosure Important
CVE-2022-26936 Information Disclosure Important
CVE-2022-26937 Remote Code Execution Critical
CVE-2022-29103 Elevation of Privilege Important
CVE-2022-29105 Remote Code Execution Important
CVE-2022-29112 Information Disclosure Important
CVE-2022-29115 Remote Code Execution Important
CVE-2022-29121 Denial of Service Important
CVE-2022-29127 Security Feature Bypass Important
CVE-2022-29128 Remote Code Execution Important
CVE-2022-29129 Remote Code Execution Important
CVE-2022-29130 Remote Code Execution Important
CVE-2022-29132 Elevation of Privilege Important
CVE-2022-29137 Remote Code Execution Important
CVE-2022-29139 Remote Code Execution Important
CVE-2022-29141 Remote Code Execution Important
MITIGATION
Microsoft recommends updating the software with the version made
available on the Microsoft Update Catalogue for the following
Knowledge Base articles. [1].
KB5013999, KB5014006, KB5014010, KB5014012
REFERENCES
[1] Microsoft Security Update Guidance
https://portal.msrc.microsoft.com/en-us/security-guidance
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYnsE1uNLKJtyKPYoAQgLCw/8CuCVS3jbd3vhG+/JJukuT4iB4KaC71Uv
UUn6nek/y7W9BrlXCkUPFcxjxdxj8yf/4JsfIuMTYWvWeRgi/I4g/x5dn1GEByS+
ftXyWD+GtdfLZ5XymuUeoUdSvNKTED2bCfpK5JwzcmzXNdyeGo8Ss2x9AbxzOWcT
n5yGqXl/8gjiXxjwQeHsbAxkxtJoltq8aBcSVctFrXt+UcHbnfCpxt/6n+1F+RFd
nca3rD91wyX3Juttd+wl6wXLTVZ70inEIg3HaPaUH75Or7Ux7FlqV2JUghNHOeO+
+Zro+5Qz4Ok9j07TZWw62NMRcmKRrqXsZ9csZmx8IugHh1nIrFPgad0VSIY8kS+U
nCipK6edhHmXn5s6nFhA7r+kGrNtDgzobNRKxcd1eUuc3ycOitFrcfKfXmBqKYaq
cIRozW/AsDZumoeFL2BEOs36ACj2LtQWpgXdUX71OKBVy6SgtWZ8l8pKS/GS6zeu
Z5d0+CY3epy1xZD+Mc727ARi3aHfsvgNc4uyjNpmgfAMFE140gQzSh1yHP8cmW83
zZ+u/vlduI1KYguzJXzYpvy2weLIVVkLKBYpP6fD8/Z+ZbAAcGWQ53vm59BiZ9zL
qJN8F+sZSD+42XhCXQ6iNgjH1EGYoMEtpnascCp7K+3y64uP1r8wXoJG08LQydHq
bNRut4Evhp4=
=1l/f
-----END PGP SIGNATURE-----