Microsoft Patch Tuesday - June 2022

Patch Tuesday is once again upon us. The June 2022 edition of Patch Tuesday brings us 60 fixes, with 3 rated as critical. We’ve listed the most important changes below.

⚡ TL;DR | Go Straight to the June 2022 Patch Tuesday Audit Report

MSDT Remote Code Execution „Follina“ Fixed

Earlier this month, Microsoft released a security advisory for the Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability, CVE-2022-30190. This vulnerability was an actively exploited zero-day vulnerability that allowed attackers to use Microsoft office files to run arbitrary code. Recent reports have also confirmed that Follina is being actively exploited. While Microsoft did provide a way to mitigate the risk, and we created a specific Follina vulnerability audit to ensure you’re fully protected, an official fix has now been included in the Patch Tuesday updates.

Network File System RCE Vulnerability

The vulnerability with the highest score this month goes to a Windows NFS RCE. With a CVSS base score of 9.8 it is the highest-rated vulnerability. Additionally, Microsoft lists that exploitation is more than likely which requires the attacker to make an unauthenticated, specially crafted call to a Network File System service to trigger a Remote Code Execution. Microsoft does provide a detailed mitigation guide for CVE-2022-30136, however, installing the latest patches is the easiest method to stay secure.

Need help with finding all servers with the NFS Role? Grab and run our Windows Server NFS Role Audit to get an easy overview.

Hyper-V Remote Code Execution Vulnerability

Coming in second this month is a vulnerability in Hyper-V. CVE-2022-30163 has a CVSS base score of 8.5 and required an attacker to run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Microsoft also mentions that this vulnerability can lead to a scope change, meaning that a successful attack could be performed from a low privilege Hyper-V guest. The attacker can then traverse the guest’s security boundary to execute code on the Hyper-V host execution environment.

Using the Hyper-V Virtual Guest Machines audit, you’ll easily be able to find all Hyper-V guests and hosts.

Run the Patch Tuesday June 2022 Audit Report

To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.

The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!

Run the June Patch Tuesday Audit

Patch Tuesday June 2022 CVE Codes & Titles

CVE Number	CVE Title
CVE-2022-32230	Windows SMB Denial of Service Vulnerability
CVE-2022-30193	AV1 Video Extension Remote Code Execution Vulnerability
CVE-2022-30190	Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
CVE-2022-30189	Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability
CVE-2022-30188	HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-30184	.NET and Visual Studio Information Disclosure Vulnerability
CVE-2022-30180	Azure RTOS GUIX Studio Information Disclosure Vulnerability
CVE-2022-30179	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30178	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30177	Azure RTOS GUIX Studio Remote Code Execution Vulnerability
CVE-2022-30174	Microsoft Office Remote Code Execution Vulnerability
CVE-2022-30173	Microsoft Excel Remote Code Execution Vulnerability
CVE-2022-30172	Microsoft Office Information Disclosure Vulnerability
CVE-2022-30171	Microsoft Office Information Disclosure Vulnerability
CVE-2022-30168	Microsoft Photos App Remote Code Execution Vulnerability
CVE-2022-30167	AV1 Video Extension Remote Code Execution Vulnerability
CVE-2022-30166	Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2022-30165	Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-30164	Kerberos AppContainer Security Feature Bypass Vulnerability
CVE-2022-30163	Windows Hyper-V Remote Code Execution Vulnerability
CVE-2022-30162	Windows Kernel Information Disclosure Vulnerability
CVE-2022-30161	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30160	Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability
CVE-2022-30159	Microsoft Office Information Disclosure Vulnerability
CVE-2022-30158	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-30157	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-30155	Windows Kernel Denial of Service Vulnerability
CVE-2022-30154	Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
CVE-2022-30153	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30152	Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2022-30151	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2022-30150	Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability
CVE-2022-30149	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30148	Windows Desired State Configuration (DSC) Information Disclosure Vulnerability
CVE-2022-30147	Windows Installer Elevation of Privilege Vulnerability
CVE-2022-30146	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30145	Windows Encrypting File System (EFS) Remote Code Execution Vulnerability
CVE-2022-30143	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30142	Windows File History Remote Code Execution Vulnerability
CVE-2022-30141	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30140	Windows iSCSI Discovery Service Remote Code Execution Vulnerability
CVE-2022-30139	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2022-30137	Azure Service Fabric Container Elevation of Privilege Vulnerability
CVE-2022-30136	Windows Network File System Remote Code Execution Vulnerability
CVE-2022-30135	Windows Media Center Elevation of Privilege Vulnerability
CVE-2022-30132	Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2022-30131	Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability
CVE-2022-29149	Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability
CVE-2022-29143	Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2022-29119	HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-29111	HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-26832	.NET Framework Denial of Service Vulnerability
CVE-2022-24527	Microsoft Endpoint Configuration Manager Elevation of Privilege Vulnerability
CVE-2022-24513	Visual Studio Elevation of Privilege Vulnerability
CVE-2022-23267	.NET and Visual Studio Denial of Service Vulnerability
CVE-2022-22018	HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-21166	Intel: CVE-2022-21166 Device Register Partial Write (DRPW)
CVE-2022-21127	Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update)
CVE-2022-21125	Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS)
CVE-2022-21123	Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR)
CVE-2021-26414	Windows DCOM Server Security Feature Bypass