VERT Threat Alert: June 2022 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th.
In-The-Wild & Disclosed CVEs
None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However, Microsoft did update last month’s security guidance related to the Follina vulnerability (CVE-2022-30190) and a patch has now been released. A write-up from May 29 can be read here and Microsoft’s MSRC response can be found here.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.
- Traditional Software
- Mobile Software
- Cloud or Cloud Adjacent
- Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
| Tag | CVE Count | CVEs |
| Azure Service Fabric Container | 1 | CVE-2022-30137 |
| Windows Container Isolation FS Filter Driver | 1 | CVE-2022-30131 |
| Windows Media | 1 | CVE-2022-30135 |
| Windows Installer | 1 | CVE-2022-30147 |
| Windows Network File System | 1 | CVE-2022-30136 |
| Windows PowerShell | 1 | CVE-2022-30148 |
| Microsoft Office SharePoint | 2 | CVE-2022-30157, CVE-2022-30158 |
| Windows iSCSI | 1 | CVE-2022-30140 |
| Microsoft Windows Codecs Library | 6 | CVE-2022-29111, CVE-2022-22018, CVE-2022-30167, CVE-2022-30188, CVE-2022-29119, CVE-2022-30193 |
| SQL Server | 1 | CVE-2022-29143 |
| Microsoft Office Excel | 1 | CVE-2022-30173 |
| Windows Ancillary Function Driver for WinSock | 1 | CVE-2022-30151 |
| Windows Kernel | 2 | CVE-2022-30155, CVE-2022-30162 |
| Windows Local Security Authority Subsystem Service | 1 | CVE-2022-30166 |
| Microsoft Office | 4 | CVE-2022-30159, CVE-2022-30171, CVE-2022-30172, CVE-2022-30174 |
| Windows Defender | 1 | CVE-2022-30150 |
| Intel | 4 | CVE-2022-21166, CVE-2022-21127, CVE-2022-21123, CVE-2022-21125 |
| Windows Network Address Translation (NAT) | 1 | CVE-2022-30152 |
| Remote Volume Shadow Copy Service (RVSS) | 1 | CVE-2022-30154 |
| Windows File History Service | 1 | CVE-2022-30142 |
| Windows Autopilot | 1 | CVE-2022-30189 |
| .NET and Visual Studio | 1 | CVE-2022-30184 |
| Azure OMI | 1 | CVE-2022-29149 |
| Windows Kerberos | 2 | CVE-2022-30164, CVE-2022-30165 |
| Windows Encrypting File System (EFS) | 1 | CVE-2022-30145 |
| Windows Container Manager Service | 1 | CVE-2022-30132 |
| Azure Real Time Operating System | 4 | CVE-2022-30177, CVE-2022-30178, CVE-2022-30179, CVE-2022-30180 |
| Role: Windows Hyper-V | 1 | CVE-2022-30163 |
| Microsoft Edge (Chromium-based) | 5 | CVE-2022-22021, CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, CVE-2022-2011 |
| Microsoft Windows ALPC | 1 | CVE-2022-30160 |
| Windows LDAP – Lightweight Directory Access Protocol | 7 | CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161, CVE-2022-30139, CVE-2022-30146 |
| Windows SMB | 1 | CVE-2022-32230 |
| Windows App Store | 1 | CVE-2022-30168 |
Other Information
In addition to the Microsoft vulnerabilities included in the June Security Guidance, an advisory was also released today.
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities [ADV220002]
Four of the vulnerabilities patched by Microsoft today are tied to INTEL-SA-000615, an Intel advisory describing a group of vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. In addition to the security guidance for these four vulnerabilities, Microsoft has released this advisory to detail the recommended actions Microsoft customers should take to ensure complete remediation of these vulnerabilities.
