Microsoft June 2022 Patch Tuesday
This month we got patches for 60 vulnerabilities. Of these, 3 are critical, none previously disclosed, and none being exploited according to Microsoft.
The highest CVSS this month (9.8) is associated with a Remote Code Execution (RCE) vulnerability affecting Windows Network File System (CVE-2022-30136). This vulnerability is not exploitable in NFSV2.0 or NFSV3.0. According to the advisory, disabling NFSV4.1 mitigates the vulnerability. The exploitability for this vulnerability is ‘More Likely’. Interestingly, last month (May/2022) we had a similar CVE affecting NFS (CVE-2022-26937) which, on the contrary, affected versions NFSV2.0 and NFSV3.0 and not NFSV4.1.
A second critical vulnerability worth mentioning is an RCE on Windows Hyper-V (CVE-2022-30163). According to the advisory, “to exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code”. The attack complexity is high. The CVSS score for this vulnerability is 8.5.
Although Follina's vulnerability CVE is not listed in June 2022 Patch Tuesday, the vulnerability advisory (CVE-2022-30190) recommends installing the June updates as soon as possible to fix the 0-day. Official Microsoft Guidance on CVE-2022-30190 is available at Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability – Microsoft Security Response Center.
See my dashboard for a more detailed breakout: https://patchtuesdaydashboard.com.
Description | |||||||
---|---|---|---|---|---|---|---|
CVE | Disclosed | Exploited | Exploitability (old versions) | current version | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
.NET and Visual Studio Information Disclosure Vulnerability | |||||||
CVE-2022-30184 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
AV1 Video Extension Remote Code Execution Vulnerability | |||||||
CVE-2022-30167 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-30193 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | |||||||
CVE-2022-29149 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Azure RTOS GUIX Studio Information Disclosure Vulnerability | |||||||
CVE-2022-30180 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Azure RTOS GUIX Studio Remote Code Execution Vulnerability | |||||||
CVE-2022-30177 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2022-30178 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
CVE-2022-30179 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
Azure Service Fabric Container Elevation of Privilege Vulnerability | |||||||
CVE-2022-30137 | No | No | Less Likely | Less Likely | Important | 6.7 | 6.0 |
Chromium: CVE-2022-2007 Use after free in WebGPU | |||||||
CVE-2022-2007 | No | No | - | - | - | ||
Chromium: CVE-2022-2008 Out of bounds memory access in WebGL | |||||||
CVE-2022-2008 | No | No | - | - | - | ||
Chromium: CVE-2022-2010 Out of bounds read in compositing | |||||||
CVE-2022-2010 | No | No | - | - | - | ||
Chromium: CVE-2022-2011 Use after free in ANGLE | |||||||
CVE-2022-2011 | No | No | - | - | - | ||
HEVC Video Extensions Remote Code Execution Vulnerability | |||||||
CVE-2022-29111 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-22018 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-30188 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
CVE-2022-29119 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR) | |||||||
CVE-2022-21123 | No | No | Less Likely | Less Likely | Important | ||
Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS) | |||||||
CVE-2022-21125 | No | No | Less Likely | Less Likely | Important | ||
Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update) | |||||||
CVE-2022-21127 | No | No | Less Likely | Less Likely | Important | ||
Intel: CVE-2022-21166 Device Register Partial Write (DRPW) | |||||||
CVE-2022-21166 | No | No | Less Likely | Less Likely | Important | ||
Kerberos AppContainer Security Feature Bypass Vulnerability | |||||||
CVE-2022-30164 | No | No | Less Likely | Less Likely | Important | 8.4 | 7.3 |
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | |||||||
CVE-2022-30166 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||||
CVE-2022-22021 | No | No | Less Likely | Less Likely | Moderate | 8.3 | 7.2 |
Microsoft Excel Remote Code Execution Vulnerability | |||||||
CVE-2022-30173 | No | No | Unlikely | Unlikely | Important | 7.8 | 6.8 |
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability | |||||||
CVE-2022-30154 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.6 |
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities | |||||||
ADV220002 | No | No | Less Likely | Less Likely | |||
Microsoft Office Information Disclosure Vulnerability | |||||||
CVE-2022-30159 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
CVE-2022-30171 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
CVE-2022-30172 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Microsoft Office Remote Code Execution Vulnerability | |||||||
CVE-2022-30174 | No | No | Less Likely | Less Likely | Important | 7.4 | 6.4 |
Microsoft Photos App Remote Code Execution Vulnerability | |||||||
CVE-2022-30168 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Microsoft SQL Server Remote Code Execution Vulnerability | |||||||
CVE-2022-29143 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||||
CVE-2022-30157 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2022-30158 | No | No | Unlikely | Unlikely | Important | 8.8 | 7.7 |
Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability | |||||||
CVE-2022-30160 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||||
CVE-2022-30151 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.1 |
Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability | |||||||
CVE-2022-30189 | No | No | Less Likely | Less Likely | Important | 6.5 | 5.9 |
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability | |||||||
CVE-2022-30131 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Container Manager Service Elevation of Privilege Vulnerability | |||||||
CVE-2022-30132 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.8 |
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability | |||||||
CVE-2022-30150 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows Desired State Configuration (DSC) Information Disclosure Vulnerability | |||||||
CVE-2022-30148 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability | |||||||
CVE-2022-30145 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows File History Remote Code Execution Vulnerability | |||||||
CVE-2022-30142 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
Windows Hyper-V Remote Code Execution Vulnerability | |||||||
CVE-2022-30163 | No | No | Less Likely | Less Likely | Critical | 8.5 | 7.4 |
Windows Installer Elevation of Privilege Vulnerability | |||||||
CVE-2022-30147 | No | No | More Likely | More Likely | Important | 7.8 | 6.8 |
Windows Kerberos Elevation of Privilege Vulnerability | |||||||
CVE-2022-30165 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
Windows Kernel Denial of Service Vulnerability | |||||||
CVE-2022-30155 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Kernel Information Disclosure Vulnerability | |||||||
CVE-2022-30162 | No | No | Less Likely | Less Likely | Important | 5.5 | 4.8 |
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability | |||||||
CVE-2022-30141 | No | No | Less Likely | Less Likely | Important | 8.1 | 7.1 |
CVE-2022-30143 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
CVE-2022-30149 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
CVE-2022-30153 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2022-30161 | No | No | Less Likely | Less Likely | Important | 8.8 | 7.7 |
CVE-2022-30139 | No | No | Less Likely | Less Likely | Critical | 7.5 | 6.5 |
CVE-2022-30146 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows Media Center Elevation of Privilege Vulnerability | |||||||
CVE-2022-30135 | No | No | Less Likely | Less Likely | Important | 7.8 | 6.9 |
Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||||||
CVE-2022-30152 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.5 |
Windows Network File System Remote Code Execution Vulnerability | |||||||
CVE-2022-30136 | No | No | More Likely | More Likely | Critical | 9.8 | 8.5 |
Windows SMB Denial of Service Vulnerability | |||||||
CVE-2022-32230 | No | No | Less Likely | Less Likely | Important | ||
Windows iSCSI Discovery Service Remote Code Execution Vulnerability | |||||||
CVE-2022-30140 | No | No | Less Likely | Less Likely | Important | 7.1 | 6.2 |
--
Renato Marinho
Morphus Labs| LinkedIn|Twitter
Comments