Operating System:

[WIN]

Published:

13 July 2022

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ASB-2022.0139 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0139
           Microsoft Patch Tuesday update for Microsoft Extended
               Security Update (ESU) products for July 2022
                               13 July 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Windows 7
                  Windows Server 2008
                  Windows Server 2008 R2
Operating System: Windows
Resolution:       Patch/Upgrade
CVE Names:        CVE-2022-30226 CVE-2022-30225 CVE-2022-30224
                  CVE-2022-30223 CVE-2022-30221 CVE-2022-30220
                  CVE-2022-30213 CVE-2022-30211 CVE-2022-30209
                  CVE-2022-30208 CVE-2022-30206 CVE-2022-30205
                  CVE-2022-30203 CVE-2022-30202 CVE-2022-23825
                  CVE-2022-23816 CVE-2022-22050 CVE-2022-22049
                  CVE-2022-22048 CVE-2022-22047 CVE-2022-22043
                  CVE-2022-22042 CVE-2022-22040 CVE-2022-22039
                  CVE-2022-22037 CVE-2022-22036 CVE-2022-22034
                  CVE-2022-22029 CVE-2022-22028 CVE-2022-22027
                  CVE-2022-22026 CVE-2022-22025 CVE-2022-22024
                  CVE-2022-22023 CVE-2022-22022 CVE-2022-21845

Comment: CVSS (Max):  8.8* CVE-2022-22026 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
         CVSS Source: Microsoft
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
         * Not all CVSS available when published
         
         Microsoft has noted that CVE-2022-22047 is being actively exploited

OVERVIEW

        Microsoft has released its monthly security patch update for the
        month of July 2022.
        
        This update resolves 37 vulnerabilities across the following
        product(s): [1]
        
         Windows 7 for 32-bit Systems Service Pack 1
         Windows 7 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1
         Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
         Windows Server 2008 for 32-bit Systems Service Pack 2
         Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
         Windows Server 2008 for x64-based Systems Service Pack 2
         Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
         CVE-2022-21845  Information Disclosure   Important
         CVE-2022-22022  Elevation of Privilege   Important
         CVE-2022-22023  Security Feature Bypass  Important
         CVE-2022-22024  Remote Code Execution    Important
         CVE-2022-22025  Denial of Service        Important
         CVE-2022-22026  Elevation of Privilege   Important
         CVE-2022-22027  Remote Code Execution    Important
         CVE-2022-22028  Information Disclosure   Important
         CVE-2022-22029  Remote Code Execution    Critical
         CVE-2022-22034  Elevation of Privilege   Important
         CVE-2022-22036  Elevation of Privilege   Important
         CVE-2022-22037  Elevation of Privilege   Important
         CVE-2022-22039  Remote Code Execution    Critical
         CVE-2022-22040  Denial of Service        Important
         CVE-2022-22042  Information Disclosure   Important
         CVE-2022-22043  Elevation of Privilege   Important
         CVE-2022-22047  Elevation of Privilege   Important
         CVE-2022-22048  Security Feature Bypass  Important
         CVE-2022-22049  Elevation of Privilege   Important
         CVE-2022-22050  Elevation of Privilege   Important
         CVE-2022-23816  Information Disclosure   Important
         CVE-2022-23825  Information Disclosure   Important
         CVE-2022-30202  Elevation of Privilege   Important
         CVE-2022-30203  Security Feature Bypass  Important
         CVE-2022-30205  Elevation of Privilege   Important
         CVE-2022-30206  Elevation of Privilege   Important
         CVE-2022-30208  Denial of Service        Important
         CVE-2022-30209  Elevation of Privilege   Important
         CVE-2022-30211  Remote Code Execution    Important
         CVE-2022-30213  Information Disclosure   Important
         CVE-2022-30220  Elevation of Privilege   Important
         CVE-2022-30221  Remote Code Execution    Critical
         CVE-2022-30223  Information Disclosure   Important
         CVE-2022-30224  Elevation of Privilege   Important
         CVE-2022-30225  Denial of Service        Important
         CVE-2022-30225  Elevation of Privilege   Important
         CVE-2022-30226  Elevation of Privilege   Important


MITIGATION

        Microsoft recommends updating the software with the version made
        available on the Microsoft Update Catalogue for the following
        Knowledge Base articles. [1].
        
         KB5015861, KB5015862, KB5015866, KB5015870


REFERENCES

        [1] Microsoft Security Update Guidance
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYs5ZYMkNZI30y1K9AQiGdA//cfnL42U6F4FXMJvEKLWgzFe/RdwMsWB2
7M+FRqbtF/D6lQrFlNCqkkG2arH08Rtr5EzJaM7N8h+BKCP1Ogmo32k8yUz5nV0A
AHmQumwUq0MsL0EieOlWpt9t6aWCWOGtBTaxmCxBa4q/8dVVHAOOrqm4roHR0WNg
mpF7xEbOsjKhq1BgKNfk7vQYo+CI1AuI31vmD2153ONfxBogUv4OQpEtxlVCSUvm
ji2Jw0vqHgWbbg4NpQn5uDKT38trTh7RfyP6zNsIjaNYm5xTHABBnGwxY9e18MKA
A01f6YT2wlM8uukhoflcHF508Lwr6Z5XedyyHXTiq3k4tJfSr3QQjWTdGfV94rYi
amVc9TdEQDscqMtGopgDcrXfGkoPISd6ypHiXoCWZ2v65Ldl6W0NXqouVUrtVTXV
FCV1DyLFY6/oRAJUsO66TT5CveS/2+PYw3QS2We5Fu63sAokJrzgGzUrjgyd8Xeq
SBWjkcmQKjcGi7AyhMqVqS6OzuLgr6AKDVFEeKXm+V1YBs0xE2Q3G15WMP+RvHHf
vuXDmQ2GZnNzUuJpxd3lUIGYIB0IIjM39GXPedb7C2jS0N/17b3RG6PG5qbX5+Ip
OevNNREAjrwKY1f9ML4g/7m1HEo5ebfDeD/jpDxUb99OuG5PRz1CLkgyL7xuLiNv
4RMgFWW38IU=
=3aTo
-----END PGP SIGNATURE-----