===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0002
    Microsoft Patch Tuesday update for Microsoft Windows for January 2022
                              12 January 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Windows
                      Windows Server
                      Remote Desktop Client
                      HEVC Video Extensions
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Increased Privileges            -- Existing Account
                      Denial of Service               -- Remote/Unauthenticated
                      Access Confidential Data        -- Remote/Unauthenticated
                      Provide Misleading Information  -- Existing Account
                      Unauthorised Access             -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2022-21964 CVE-2022-21963 CVE-2022-21962 CVE-2022-21961
                      CVE-2022-21960 CVE-2022-21959 CVE-2022-21958 CVE-2022-21928
                      CVE-2022-21925 CVE-2022-21924 CVE-2022-21922 CVE-2022-21921
                      CVE-2022-21920 CVE-2022-21919 CVE-2022-21918 CVE-2022-21917
                      CVE-2022-21916 CVE-2022-21915 CVE-2022-21914 CVE-2022-21913
                      CVE-2022-21912 CVE-2022-21910 CVE-2022-21908 CVE-2022-21907
                      CVE-2022-21906 CVE-2022-21905 CVE-2022-21904 CVE-2022-21903
                      CVE-2022-21902 CVE-2022-21901 CVE-2022-21900 CVE-2022-21899
                      CVE-2022-21898 CVE-2022-21897 CVE-2022-21896 CVE-2022-21895
                      CVE-2022-21894 CVE-2022-21893 CVE-2022-21892 CVE-2022-21890
                      CVE-2022-21889 CVE-2022-21888 CVE-2022-21887 CVE-2022-21885
                      CVE-2022-21884 CVE-2022-21883 CVE-2022-21882 CVE-2022-21881
                      CVE-2022-21880 CVE-2022-21879 CVE-2022-21878 CVE-2022-21877
                      CVE-2022-21876 CVE-2022-21875 CVE-2022-21874 CVE-2022-21873
                      CVE-2022-21872 CVE-2022-21871 CVE-2022-21870 CVE-2022-21869
                      CVE-2022-21868 CVE-2022-21867 CVE-2022-21866 CVE-2022-21865
                      CVE-2022-21864 CVE-2022-21863 CVE-2022-21862 CVE-2022-21861
                      CVE-2022-21860 CVE-2022-21859 CVE-2022-21858 CVE-2022-21857
                      CVE-2022-21852 CVE-2022-21851 CVE-2022-21850 CVE-2022-21849
                      CVE-2022-21848 CVE-2022-21847 CVE-2022-21843 CVE-2022-21839
                      CVE-2022-21838 CVE-2022-21836 CVE-2022-21835 CVE-2022-21834
                      CVE-2022-21833 CVE-2021-36976 CVE-2021-22947
Comment:              Microsoft has warned that CVE-2022-21907 is wormable and
                      recommends patching affected systems as a priority.

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of January 2022.

        This update resolves 87 vulnerabilities across the following
        products: [1]

         HEVC Video Extensions
         Remote Desktop client
         Windows 10
         Windows 11
         Windows 8.1
         Windows RT 8.1
         Windows Server
         Windows Server 2012
         Windows Server 2012 R2
         Windows Server 2016
         Windows Server 2019
         Windows Server 2022

IMPACT

        Microsoft has given the following details regarding these
        vulnerabilities.

         Details         Impact                   Severity
         CVE-2021-22947  Remote Code Execution    Critical
         CVE-2021-36976  Remote Code Execution    Important
         CVE-2022-21833  Elevation of Privilege   Critical
         CVE-2022-21834  Elevation of Privilege   Important
         CVE-2022-21835  Elevation of Privilege   Important
         CVE-2022-21836  Spoofing                 Important
         CVE-2022-21838  Elevation of Privilege   Important
         CVE-2022-21839  Denial of Service        Important
         CVE-2022-21843  Denial of Service        Important
         CVE-2022-21847  Denial of Service        Important
         CVE-2022-21848  Denial of Service        Important
         CVE-2022-21849  Remote Code Execution    Important
         CVE-2022-21850  Remote Code Execution    Important
         CVE-2022-21851  Remote Code Execution    Important
         CVE-2022-21852  Elevation of Privilege   Important
         CVE-2022-21857  Elevation of Privilege   Critical
         CVE-2022-21858  Elevation of Privilege   Important
         CVE-2022-21859  Elevation of Privilege   Important
         CVE-2022-21860  Elevation of Privilege   Important
         CVE-2022-21861  Elevation of Privilege   Important
         CVE-2022-21862  Elevation of Privilege   Important
         CVE-2022-21863  Elevation of Privilege   Important
         CVE-2022-21864  Elevation of Privilege   Important
         CVE-2022-21865  Elevation of Privilege   Important
         CVE-2022-21866  Elevation of Privilege   Important
         CVE-2022-21867  Elevation of Privilege   Important
         CVE-2022-21868  Elevation of Privilege   Important
         CVE-2022-21869  Elevation of Privilege   Important
         CVE-2022-21870  Elevation of Privilege   Important
         CVE-2022-21871  Elevation of Privilege   Important
         CVE-2022-21872  Elevation of Privilege   Important
         CVE-2022-21873  Elevation of Privilege   Important
         CVE-2022-21874  Remote Code Execution    Important
         CVE-2022-21875  Elevation of Privilege   Important
         CVE-2022-21876  Information Disclosure   Important
         CVE-2022-21877  Information Disclosure   Important
         CVE-2022-21878  Remote Code Execution    Important
         CVE-2022-21879  Elevation of Privilege   Important
         CVE-2022-21880  Information Disclosure   Important
         CVE-2022-21881  Elevation of Privilege   Important
         CVE-2022-21882  Elevation of Privilege   Important
         CVE-2022-21883  Denial of Service        Important
         CVE-2022-21884  Elevation of Privilege   Important
         CVE-2022-21885  Elevation of Privilege   Important
         CVE-2022-21887  Elevation of Privilege   Important
         CVE-2022-21888  Remote Code Execution    Important
         CVE-2022-21889  Denial of Service        Important
         CVE-2022-21890  Denial of Service        Important
         CVE-2022-21892  Remote Code Execution    Important
         CVE-2022-21893  Remote Code Execution    Important
         CVE-2022-21894  Security Feature Bypass  Important
         CVE-2022-21895  Elevation of Privilege   Important
         CVE-2022-21896  Elevation of Privilege   Important
         CVE-2022-21897  Elevation of Privilege   Important
         CVE-2022-21898  Remote Code Execution    Critical
         CVE-2022-21899  Security Feature Bypass  Important
         CVE-2022-21900  Security Feature Bypass  Important
         CVE-2022-21901  Elevation of Privilege   Important
         CVE-2022-21902  Elevation of Privilege   Important
         CVE-2022-21903  Elevation of Privilege   Important
         CVE-2022-21904  Information Disclosure   Important
         CVE-2022-21905  Security Feature Bypass  Important
         CVE-2022-21906  Security Feature Bypass  Important
         CVE-2022-21907  Remote Code Execution    Critical
         CVE-2022-21908  Elevation of Privilege   Important
         CVE-2022-21910  Elevation of Privilege   Important
         CVE-2022-21912  Remote Code Execution    Critical
         CVE-2022-21913  Security Feature Bypass  Important
         CVE-2022-21914  Elevation of Privilege   Important
         CVE-2022-21915  Information Disclosure   Important
         CVE-2022-21916  Elevation of Privilege   Important
         CVE-2022-21917  Remote Code Execution    Critical
         CVE-2022-21918  Denial of Service        Important
         CVE-2022-21919  Elevation of Privilege   Important
         CVE-2022-21920  Elevation of Privilege   Important
         CVE-2022-21921  Security Feature Bypass  Important
         CVE-2022-21922  Remote Code Execution    Important
         CVE-2022-21924  Security Feature Bypass  Important
         CVE-2022-21925  Security Feature Bypass  Important
         CVE-2022-21928  Remote Code Execution    Important
         CVE-2022-21958  Remote Code Execution    Important
         CVE-2022-21959  Remote Code Execution    Important
         CVE-2022-21960  Remote Code Execution    Important
         CVE-2022-21961  Remote Code Execution    Important
         CVE-2022-21962  Remote Code Execution    Important
         CVE-2022-21963  Remote Code Execution    Important
         CVE-2022-21964  Information Disclosure   Important

MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles [1].

         KB5009543, KB5009545, KB5009546, KB5009555, KB5009557
         KB5009566, KB5009585, KB5009586, KB5009595, KB5009619
         KB5009624

REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation.  The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures.  AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================