VERT Threat Alert: June 2022 Patch Tuesday Analysis


Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th.

In-The-Wild & Disclosed CVEs

None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However, Microsoft did update last month’s security guidance related to the Follina vulnerability (CVE-2022-30190) and a patch has now been released. A write-up from May 29 can be read here and Microsoft’s MSRC response can be found here.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Vulnerabilities are also colour coded to aid with identifying key issues.

  • Traditional Software
  • Mobile Software
  • Cloud or Cloud Adjacent
  • Vulnerabilities that are being exploited or that have been disclosed will be highlighted.
Tag CVE Count CVEs
Azure Service Fabric Container 1 CVE-2022-30137
Windows Container Isolation FS Filter Driver 1 CVE-2022-30131
Windows Media 1 CVE-2022-30135
Windows Installer 1 CVE-2022-30147
Windows Network File System 1 CVE-2022-30136
Windows PowerShell 1 CVE-2022-30148
Microsoft Office SharePoint 2 CVE-2022-30157, CVE-2022-30158
Windows iSCSI 1 CVE-2022-30140
Microsoft Windows Codecs Library 6 CVE-2022-29111, CVE-2022-22018, CVE-2022-30167, CVE-2022-30188, CVE-2022-29119, CVE-2022-30193
SQL Server 1 CVE-2022-29143
Microsoft Office Excel 1 CVE-2022-30173
Windows Ancillary Function Driver for WinSock 1 CVE-2022-30151
Windows Kernel 2 CVE-2022-30155, CVE-2022-30162
Windows Local Security Authority Subsystem Service 1 CVE-2022-30166
Microsoft Office 4 CVE-2022-30159, CVE-2022-30171, CVE-2022-30172, CVE-2022-30174
Windows Defender 1 CVE-2022-30150
Intel 4 CVE-2022-21166, CVE-2022-21127, CVE-2022-21123, CVE-2022-21125
Windows Network Address Translation (NAT) 1 CVE-2022-30152
Remote Volume Shadow Copy Service (RVSS) 1 CVE-2022-30154
Windows File History Service 1 CVE-2022-30142
Windows Autopilot 1 CVE-2022-30189
.NET and Visual Studio 1 CVE-2022-30184
Azure OMI 1 CVE-2022-29149
Windows Kerberos 2 CVE-2022-30164, CVE-2022-30165
Windows Encrypting File System (EFS) 1 CVE-2022-30145
Windows Container Manager Service 1 CVE-2022-30132
Azure Real Time Operating System 4 CVE-2022-30177, CVE-2022-30178, CVE-2022-30179, CVE-2022-30180
Role: Windows Hyper-V 1 CVE-2022-30163
Microsoft Edge (Chromium-based) 5 CVE-2022-22021, CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, CVE-2022-2011
Microsoft Windows ALPC 1 CVE-2022-30160
Windows LDAP – Lightweight Directory Access Protocol 7 CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161, CVE-2022-30139, CVE-2022-30146
Windows SMB 1 CVE-2022-32230
Windows App Store 1 CVE-2022-30168

Other Information

In addition to the Microsoft vulnerabilities included in the June Security Guidance, an advisory was also released today.

Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities [ADV220002]

Four of the vulnerabilities patched by Microsoft today are tied to INTEL-SA-000615, an Intel advisory describing a group of vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. In addition to the security guidance for these four vulnerabilities, Microsoft has released this advisory to detail the recommended actions Microsoft customers should take to ensure complete remediation of these vulnerabilities.



Source link