Patch Tuesday is once again upon us. The June 2022 edition of Patch Tuesday brings us 60 fixes, with 3 rated as critical. We’ve listed the most important changes below.
⚡ TL;DR | Go Straight to the June 2022 Patch Tuesday Audit Report
MSDT Remote Code Execution «Follina» Fixed
Earlier this month, Microsoft released a security advisory for the Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability, CVE-2022-30190. This vulnerability was an actively exploited zero-day vulnerability that allowed attackers to use Microsoft office files to run arbitrary code. Recent reports have also confirmed that Follina is being actively exploited. While Microsoft did provide a way to mitigate the risk, and we created a specific Follina vulnerability audit to ensure you’re fully protected, an official fix has now been included in the Patch Tuesday updates.
Network File System RCE Vulnerability
The vulnerability with the highest score this month goes to a Windows NFS RCE. With a CVSS base score of 9.8 it is the highest-rated vulnerability. Additionally, Microsoft lists that exploitation is more than likely which requires the attacker to make an unauthenticated, specially crafted call to a Network File System service to trigger a Remote Code Execution. Microsoft does provide a detailed mitigation guide for CVE-2022-30136, however, installing the latest patches is the easiest method to stay secure.
Need help with finding all servers with the NFS Role? Grab and run our Windows Server NFS Role Audit to get an easy overview.
Hyper-V Remote Code Execution Vulnerability
Coming in second this month is a vulnerability in Hyper-V. CVE-2022-30163 has a CVSS base score of 8.5 and required an attacker to run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Microsoft also mentions that this vulnerability can lead to a scope change, meaning that a successful attack could be performed from a low privilege Hyper-V guest. The attacker can then traverse the guest’s security boundary to execute code on the Hyper-V host execution environment.
Using the Hyper-V Virtual Guest Machines audit, you’ll easily be able to find all Hyper-V guests and hosts.
Run the Patch Tuesday June 2022 Audit Report
To help manage your update progress, we’ve created the Patch Tuesday Audit Report that checks if the assets in your network are on the latest patch updates. The report has been color-coded to see which machines are up-to-date and which ones still need to be updated. As always, system administrators are urged to update their environment as soon as possible to ensure all endpoints are secured.
The Lansweeper Patch Tuesday report is automatically added to Lansweeper Cloud sites. Lansweeper Cloud is included in all our licenses without any additional cost and allows you to federate all your installations into one single view so all you need to do is look at one report, automatically added every patch Tuesday!
Patch Tuesday June 2022 CVE Codes & Titles
CVE Number | CVE Title |
CVE-2022-32230 | Windows SMB Denial of Service Vulnerability |
CVE-2022-30193 | AV1 Video Extension Remote Code Execution Vulnerability |
CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability |
CVE-2022-30189 | Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability |
CVE-2022-30188 | HEVC Video Extensions Remote Code Execution Vulnerability |
CVE-2022-30184 | .NET and Visual Studio Information Disclosure Vulnerability |
CVE-2022-30180 | Azure RTOS GUIX Studio Information Disclosure Vulnerability |
CVE-2022-30179 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-30178 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-30177 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
CVE-2022-30174 | Microsoft Office Remote Code Execution Vulnerability |
CVE-2022-30173 | Microsoft Excel Remote Code Execution Vulnerability |
CVE-2022-30172 | Microsoft Office Information Disclosure Vulnerability |
CVE-2022-30171 | Microsoft Office Information Disclosure Vulnerability |
CVE-2022-30168 | Microsoft Photos App Remote Code Execution Vulnerability |
CVE-2022-30167 | AV1 Video Extension Remote Code Execution Vulnerability |
CVE-2022-30166 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability |
CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability |
CVE-2022-30164 | Kerberos AppContainer Security Feature Bypass Vulnerability |
CVE-2022-30163 | Windows Hyper-V Remote Code Execution Vulnerability |
CVE-2022-30162 | Windows Kernel Information Disclosure Vulnerability |
CVE-2022-30161 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30160 | Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability |
CVE-2022-30159 | Microsoft Office Information Disclosure Vulnerability |
CVE-2022-30158 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2022-30157 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
CVE-2022-30155 | Windows Kernel Denial of Service Vulnerability |
CVE-2022-30154 | Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability |
CVE-2022-30153 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30152 | Windows Network Address Translation (NAT) Denial of Service Vulnerability |
CVE-2022-30151 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
CVE-2022-30150 | Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability |
CVE-2022-30149 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30148 | Windows Desired State Configuration (DSC) Information Disclosure Vulnerability |
CVE-2022-30147 | Windows Installer Elevation of Privilege Vulnerability |
CVE-2022-30146 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution Vulnerability |
CVE-2022-30143 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30142 | Windows File History Remote Code Execution Vulnerability |
CVE-2022-30141 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30140 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability |
CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
CVE-2022-30137 | Azure Service Fabric Container Elevation of Privilege Vulnerability |
CVE-2022-30136 | Windows Network File System Remote Code Execution Vulnerability |
CVE-2022-30135 | Windows Media Center Elevation of Privilege Vulnerability |
CVE-2022-30132 | Windows Container Manager Service Elevation of Privilege Vulnerability |
CVE-2022-30131 | Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability |
CVE-2022-29149 | Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
CVE-2022-29143 | Microsoft SQL Server Remote Code Execution Vulnerability |
CVE-2022-29119 | HEVC Video Extensions Remote Code Execution Vulnerability |
CVE-2022-29111 | HEVC Video Extensions Remote Code Execution Vulnerability |
CVE-2022-26832 | .NET Framework Denial of Service Vulnerability |
CVE-2022-24527 | Microsoft Endpoint Configuration Manager Elevation of Privilege Vulnerability |
CVE-2022-24513 | Visual Studio Elevation of Privilege Vulnerability |
CVE-2022-23267 | .NET and Visual Studio Denial of Service Vulnerability |
CVE-2022-22018 | HEVC Video Extensions Remote Code Execution Vulnerability |
CVE-2022-21166 | Intel: CVE-2022-21166 Device Register Partial Write (DRPW) |
CVE-2022-21127 | Intel: CVE-2022-21127 Special Register Buffer Data Sampling Update (SRBDS Update) |
CVE-2022-21125 | Intel: CVE-2022-21125 Shared Buffers Data Sampling (SBDS) |
CVE-2022-21123 | Intel: CVE-2022-21123 Shared Buffers Data Read (SBDR) |
CVE-2021-26414 | Windows DCOM Server Security Feature Bypass |
"*" señala los campos obligatorios
Receive the Latest Patch Tuesday Report for FREE Every Month