Report Name: Microsoft Patch Tuesday, June 2022
Generated: 2022-06-23 21:14:53

Product Name	Prevalence	U	C	H	M	L	Comment
Kerberos	1			2			Kerberos
Windows SMB	1				1		Windows component
Intel(R) Processor	0.9				4		Processor
Windows Container Isolation FS Filter Driver	0.9				1		Windows component
Windows Container Manager Service	0.9				1		Windows component
Windows Encrypting File System	0.9			1			Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption
Windows Kernel	0.9				2		Windows Kernel
Windows LDAP	0.9			7			Windows LDAP
Microsoft Edge	0.8			1	31	4	Web browser
Microsoft Local Security Authority Server	0.8				1		LSASS, the Windows Local Security Authority Server process, handles Windows security mechanisms
Microsoft Windows Support Diagnostic Tool (MSDT)	0.8	1					Windows component
Open Management Infrastructure	0.8			1			An open source project to further the development of a production quality implementation of the DMTF CIM/WBEM standards
Windows Advanced Local Procedure Call	0.8				1		Windows component
Windows Ancillary Function Driver for WinSock	0.8				1		Windows component
Windows Autopilot Device Management and Enrollment Client	0.8			1			Windows component
Windows Defender Remote Credential Guard	0.8				1		Windows component
Windows Desired State Configuration (DSC)	0.8				1		Windows component
Windows File History	0.8			1			Windows component
Windows Installer	0.8				1		Windows component
Windows Media Center	0.8				1		Windows component
Windows Network Address Translation (NAT)	0.8			1			Windows component
Windows Network File System	0.8		1				Windows component
Windows Print Spooler	0.8				1		Windows component
Windows iSCSI Discovery Service	0.8			1			Windows component
.NET	0.7				1		.NET
HEVC Video Extensions	0.7			4			HEVC Video Extensions
Microsoft SharePoint	0.7			2			Microsoft SharePoint
Microsoft Excel	0.6			1			MS Office product
Microsoft Office	0.6			1	3		Microsoft Office
Microsoft SQL	0.6			1			Microsoft SQL
Windows Hyper-V	0.6			1			Hardware virtualization component of the client editions of Windows NT
AV1 Video Extension	0.5			2			AV1 Video Extension
Azure Service Fabric Container	0.5				1		Azure Service Fabric Container
Microsoft File Server Shadow Copy Agent Service (RVSS)	0.5				1		Microsoft File Server Shadow Copy Agent Service (RVSS)
Microsoft Photos App	0.5			1			Microsoft Photos App
Azure RTOS	0.3			3	1		Azure RTOS is a small, fast, reliable, and easy-to-use real-time operating system (RTOS) for connecting deeply embedded IoT devices

Vulnerability Type	Criticality	U	C	H	M	L	Comment
Remote Code Execution	1.0	1	1	27			Remote Code Execution
Security Feature Bypass	0.9			1	6		Security Feature Bypass
Denial of Service	0.7			1	2		Denial of Service
Memory Corruption	0.6				22		Memory Corruption
Elevation of Privilege	0.5			2	13		Elevation of Privilege
Information Disclosure	0.4				11		Information Disclosure
Spoofing	0.4			1	1		Spoofing
Unknown Vulnerability Type	0					4	Unknown Vulnerability Type

Urgent (1)

1. Remote Code Execution - Microsoft Windows Support Diagnostic Tool (MSDT) (CVE-2022-30190) - Urgent [935]

Description: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.

MS PT Extended: CVE-2022-30190 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Patch Tuesday Summary Microsoft has fixed 55 vulnerabilities (aka flaws) in the June 2022 update, including three (3) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month’s Patch Tuesday cumulative Windows update includes the fix for one (1) zero-day vulnerability (CVE-2022-30190). Microsoft also released an advisory for Intel Processor MMIO Stale Data Vulnerabilitie to address four (4) Intel vulnerabilities (Microsoft Advisory 220002, Intel-SA-00615). Microsoft has fixed several flaws in its software, including Denial of Service (DoS), Elevation of Privilege, Information Disclosure, Remote Code Execution (RCE), Security Feature Bypass, and Spoofing vulnerabilities. Many of the vulnerabilities patched this month relate to remote code execution, but there are no reports of active exploitation in the wild with the exception of an update to CVE-2022-30190, a Microsoft Windows Support Diagnostic Tool (MSDT) vulnerability made public in May.

qualys: CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 7.8/10. Microsoft has fixed the widely-exploited Windows Follina MSDT zero-day vulnerability tracked as CVE-2022-30190 in the June 2022 Updates. The update for this vulnerability is in the June 2022 cumulative Windows Updates. Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action. Exploitability Assessment: Exploitation Detected. On May 31st Qualys released QID 91909 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability (Follina) (Zero Day).On June 14th, Microsoft released the patch for this vulnerability in the June 2022 cumulative Windows Updates. Qualys will modify our existing detection signature to check for the PATCH ONLY and apply a minor title revision to remove the zero-day reference: QID 91909  Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability (Follina).Qualys will also release a NEW Information Gathered (IG) detection that will test for the MITIGATION ONLY: QID 45538 Microsoft Support Diagnostic Tool (MSDT) URL Protocol Vulnerability Disabled (Follina Mitigation Enabled).These updates will be included in the June 14th evening’s Patch Tuesday release cycle. (VULNSIGS-2.5.504-4, QAGENT-SIGNATURE-SET-2.5.504.4-3, LX_MANIFEST-2.5.504.4-4)

qualys: Examine a potential attack vector as well as technical details of Follina, and chart the ability to detect this new vulnerability using both Qualys Multi-Vector EDR and Qualys Context XDR. Detect the Follina MSDT Vulnerability (CVE-2022-30190) with Qualys Multi-Vector EDR & Context XDR

tenable: CVE-2022-30190, also known as “Follina” — the RCE vulnerability in the Microsoft Windows Support Diagnostic Tool that was disclosed in late May and exploited in the wild — has now received patches for affected Windows systems. While Microsoft had provided mitigation guidance in an advisory on May 30, patches were not released until June 14.

rapid7: June's Patch Tuesday sees Microsoft releasing fixes for over 60 CVEs. Top of mind for many administrators this month is CVE-2022-30190, also known as Follina, which was observed being exploited in the wild at the end of May. Microsoft provided mitigation instructions (disabling the MSDT URL protocol via the registry), but actual patches were not available until today’s cumulative Windows Updates. Even if the mitigation was previously applied, installing the updates is highly recommended.

zdi: CVE-2022-30190 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Although it’s difficult to see from the Security Update Guide, Microsoft did release an update to address the much discuss “Follina” vulnerability in MSDT. This bug has been reported to be under active attack, so priority should be given to the testing and deployment of this update.

Critical (1)

2. Remote Code Execution - Windows Network File System (CVE-2022-30136) - Critical [718]

Description: Windows Network File System Remote Code Execution Vulnerability.

qualys: CVE-2022-30136 | Windows Network File System Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 9.8/10. This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). Exploitability Assessment: Exploitation More Likely.

tenable: CVE-2022-30136 is a RCE vulnerability in the network file system (NFS) that can be exploited by an unauthenticated attacker using a specially crafted call to a NFS service. The vulnerability received a 9.8 CVSSv3 score and Microsoft rated this as “Exploitation More Likely” according to its Exploitability Index. The advisory notes that NFS versions 2.0 and 3.0 are not affected and administrators can disable NFS version 4.1 to mitigate this flaw. Disabling NFSv4.1 could have adverse impacts, so organizations should carefully consider this step before adopting it. Microsoft does note that this is only a temporary mitigation option, organizations should apply the patch as soon as possible. The advisory also provides a warning that you should not disable NFSv4.1 unless you have installed the May 2022 Windows security updates, specifically the updates addressing CVE-2022-26937.

tenable: Both CVE-2022-30136 and CVE-2022-26937 are credited to Yuki Chen, a prolific researcher with Cyber KunLun who has been credited with discovering nine vulnerabilities in Microsoft products in June 2022.

rapid7: None of the other CVEs being addressed this month have been previously disclosed or seen exploited yet. However, it won’t be long before attackers start looking at CVE-2022-30136, a critical remote code execution (RCE) vulnerability affecting the Windows Network File System (NFS). Last month, Microsoft fixed a similar vulnerability (CVE-2022-26937) affecting NFS v2.0 and v3.0. CVE-2022-30136, on the other hand, is only exploitable in NFS v4.1. Microsoft has provided mitigation guidance to disable NFS v4.1, which should only be done if the May updates fixing previous NFS versions have been applied. Again, even if the mitigation has been put into place, best to patch sooner rather than later.

zdi: CVE-2022-30136 - Windows Network File System Remote Code Execution Vulnerability. This CVSS 9.8 bug looks eerily similar to CVE-2022-26937 – an NFS bug patched last month and one we blogged about last week. This vulnerability could allow a remote attacker to execute privileged code on affected systems running NFS. On the surface, the only difference between the patches is that this month’s update fixes a bug in NFSV4.1, whereas last month’s bug only affected versions NSFV2.0 and NSFV3.0. It’s not clear if this is a variant or a failed patch or a completely new issue. Regardless, enterprises running NFS should prioritize testing and deploying this fix.

High (32)

3. Remote Code Execution - Windows LDAP (CVE-2022-30153) - High [494]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161.

tenable: Two of the CVEs, CVE-2022-30153 and CVE-2022-30161 received CVSSv3 scores of 8.8, CVE-2022-30141 was scored at 8.1, and the remainder of the flaws each were scored at 7.5. Microsoft has rated all of these vulnerabilities as “Exploitation Less Likely.” The vulnerability descriptions for CVE-2022-30139, CVE-2022-30141 and CVE-2022-30143 provide the same caveat that the vulnerability only exists if the “MaxReceiveBuffer” LDAP policy is configured to a higher value than the default value (i.e. a higher maximum number of threads LDAP requests can contain per processor). A system with the default value for the policy would not be affected. In the case of both CVE-2022-30139 and CVE-2022-30141, no user interaction is required, however an attacker must “prepare the target environment to improve exploit reliability.” The remainder of the CVEs all require some form of user interaction in order to exploit the vulnerability.

4. Remote Code Execution - Windows LDAP (CVE-2022-30161) - High [494]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153.

tenable: Two of the CVEs, CVE-2022-30153 and CVE-2022-30161 received CVSSv3 scores of 8.8, CVE-2022-30141 was scored at 8.1, and the remainder of the flaws each were scored at 7.5. Microsoft has rated all of these vulnerabilities as “Exploitation Less Likely.” The vulnerability descriptions for CVE-2022-30139, CVE-2022-30141 and CVE-2022-30143 provide the same caveat that the vulnerability only exists if the “MaxReceiveBuffer” LDAP policy is configured to a higher value than the default value (i.e. a higher maximum number of threads LDAP requests can contain per processor). A system with the default value for the policy would not be affected. In the case of both CVE-2022-30139 and CVE-2022-30141, no user interaction is required, however an attacker must “prepare the target environment to improve exploit reliability.” The remainder of the CVEs all require some form of user interaction in order to exploit the vulnerability.

5. Remote Code Execution - Windows Encrypting File System (CVE-2022-30145) - High [481]

Description: Windows Encrypting File System (EFS) Remote Code Execution Vulnerability.

qualys: CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 7.5/10. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. Exploitability Assessment: Exploitation Less Likely.

6. Remote Code Execution - Windows LDAP (CVE-2022-30139) - High [481]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

qualys: CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 7.5/10. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. For more information, please see LDAP policies. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. Exploitability Assessment: Exploitation Less Likely.

tenable: Two of the CVEs, CVE-2022-30153 and CVE-2022-30161 received CVSSv3 scores of 8.8, CVE-2022-30141 was scored at 8.1, and the remainder of the flaws each were scored at 7.5. Microsoft has rated all of these vulnerabilities as “Exploitation Less Likely.” The vulnerability descriptions for CVE-2022-30139, CVE-2022-30141 and CVE-2022-30143 provide the same caveat that the vulnerability only exists if the “MaxReceiveBuffer” LDAP policy is configured to a higher value than the default value (i.e. a higher maximum number of threads LDAP requests can contain per processor). A system with the default value for the policy would not be affected. In the case of both CVE-2022-30139 and CVE-2022-30141, no user interaction is required, however an attacker must “prepare the target environment to improve exploit reliability.” The remainder of the CVEs all require some form of user interaction in order to exploit the vulnerability.

rapid7: Also reminiscent of last month is CVE-2022-30139, a critical RCE in LDAP carrying a CVSSv3 base score of 7.1, which again is only exploitable if the MaxReceiveBuffer LDAP policy value is set higher than the default. Rounding out the critical RCEs for June is CVE-2022-30163, which could allow a malicious application running on a Hyper-V guest to execute code on the host OS.

7. Remote Code Execution - Windows LDAP (CVE-2022-30141) - High [481]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

tenable: Two of the CVEs, CVE-2022-30153 and CVE-2022-30161 received CVSSv3 scores of 8.8, CVE-2022-30141 was scored at 8.1, and the remainder of the flaws each were scored at 7.5. Microsoft has rated all of these vulnerabilities as “Exploitation Less Likely.” The vulnerability descriptions for CVE-2022-30139, CVE-2022-30141 and CVE-2022-30143 provide the same caveat that the vulnerability only exists if the “MaxReceiveBuffer” LDAP policy is configured to a higher value than the default value (i.e. a higher maximum number of threads LDAP requests can contain per processor). A system with the default value for the policy would not be affected. In the case of both CVE-2022-30139 and CVE-2022-30141, no user interaction is required, however an attacker must “prepare the target environment to improve exploit reliability.” The remainder of the CVEs all require some form of user interaction in order to exploit the vulnerability.

8. Remote Code Execution - Windows LDAP (CVE-2022-30143) - High [481]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

tenable: Two of the CVEs, CVE-2022-30153 and CVE-2022-30161 received CVSSv3 scores of 8.8, CVE-2022-30141 was scored at 8.1, and the remainder of the flaws each were scored at 7.5. Microsoft has rated all of these vulnerabilities as “Exploitation Less Likely.” The vulnerability descriptions for CVE-2022-30139, CVE-2022-30141 and CVE-2022-30143 provide the same caveat that the vulnerability only exists if the “MaxReceiveBuffer” LDAP policy is configured to a higher value than the default value (i.e. a higher maximum number of threads LDAP requests can contain per processor). A system with the default value for the policy would not be affected. In the case of both CVE-2022-30139 and CVE-2022-30141, no user interaction is required, however an attacker must “prepare the target environment to improve exploit reliability.” The remainder of the CVEs all require some form of user interaction in order to exploit the vulnerability.

9. Remote Code Execution - Windows LDAP (CVE-2022-30146) - High [481]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

10. Remote Code Execution - Windows LDAP (CVE-2022-30149) - High [481]

Description: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161.

11. Security Feature Bypass - Kerberos (CVE-2022-30164) - High [479]

Description: Kerberos AppContainer Security Feature Bypass Vulnerability.

qualys: CVE-2022-30164 | Windows Kerberos AppContainer Security Feature Bypass Vulnerability This vulnerability has a CVSSv3.1 score of 8.4/10. A low privilege attacker could execute a script within an App Container to request a service ticket and thereby gain elevation to the service privilege. An attacker could bypass the Kerberos service ticketing feature which performs user access control checks In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment. Exploitability Assessment: Exploitation Less Likely.

12. Remote Code Execution - Microsoft Edge (CVE-2022-22021) - High [462]

Description: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.

MS PT Extended: CVE-2022-22021 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

13. Remote Code Execution - Azure RTOS (CVE-2022-30177) - High [459]

Description: Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30178, CVE-2022-30179.

14. Remote Code Execution - Azure RTOS (CVE-2022-30178) - High [459]

Description: Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30179.

15. Remote Code Execution - Azure RTOS (CVE-2022-30179) - High [459]

Description: Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30178.

16. Remote Code Execution - Microsoft SharePoint (CVE-2022-30157) - High [456]

Description: Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158.

qualys: CVE-2022-30157 | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. In a network-based attack, an attacker would need to have the privileges to create a page on a vulnerable SharePoint server. By creating a site using specific code, the attacker could execute code remotely on the target server. The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability. Exploitability Assessment: Exploitation Less Likely.

17. Remote Code Execution - Microsoft SharePoint (CVE-2022-30158) - High [456]

Description: Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157.

qualys: CVE-2022-30158 | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. An authenticated attacker with access to a server that has Sandboxed Code Service enabled could execute code in the context of the web service account. The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability. Exploitability Assessment: Exploitation Unlikely.

18. Elevation of Privilege - Open Management Infrastructure (CVE-2022-29149) - High [452]

Description: Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability.

19. Remote Code Execution - Windows File History (CVE-2022-30142) - High [448]

Description: Windows File History Remote Code Execution Vulnerability.

20. Remote Code Execution - Windows iSCSI Discovery Service (CVE-2022-30140) - High [448]

Description: Windows iSCSI Discovery Service Remote Code Execution Vulnerability.

21. Remote Code Execution - HEVC Video Extensions (CVE-2022-22018) - High [443]

Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188.

22. Remote Code Execution - HEVC Video Extensions (CVE-2022-29111) - High [443]

Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188.

23. Remote Code Execution - HEVC Video Extensions (CVE-2022-29119) - High [443]

Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188.

24. Remote Code Execution - HEVC Video Extensions (CVE-2022-30188) - High [443]

Description: HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-29119.

25. Remote Code Execution - Microsoft Excel (CVE-2022-30173) - High [424]

Description: Microsoft Excel Remote Code Execution Vulnerability.

26. Remote Code Execution - Microsoft SQL (CVE-2022-29143) - High [424]

Description: Microsoft SQL Server Remote Code Execution Vulnerability.

27. Remote Code Execution - Windows Hyper-V (CVE-2022-30163) - High [424]

Description: Windows Hyper-V Remote Code Execution Vulnerability.

qualys: CVE-2022-30163 | Windows Hyper-V Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 8.5/10. To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Successful exploitation of this vulnerability requires an attacker to win a race condition. In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest’s security boundary to execute code on the Hyper-V host execution environment. Exploitability Assessment: Exploitation Less Likely.

rapid7: Also reminiscent of last month is CVE-2022-30139, a critical RCE in LDAP carrying a CVSSv3 base score of 7.1, which again is only exploitable if the MaxReceiveBuffer LDAP policy value is set higher than the default. Rounding out the critical RCEs for June is CVE-2022-30163, which could allow a malicious application running on a Hyper-V guest to execute code on the host OS.

zdi: CVE-2022-30163 - Windows Hyper-V Remote Code Execution Vulnerability. This bug could allow a user on a Hyper-V guest to run their code on the underlying Hyper-V host OS. The update doesn’t list the privileges the attacker’s code would run at, but any guest-to-host escape should be taken seriously. Microsoft notes that attack complexity is high since an attacker would need to win a race condition. However, we have seen many reliable exploits demonstrated that involve race conditions, so take the appropriate step to test and deploy this update.

28. Spoofing - Windows Autopilot Device Management and Enrollment Client (CVE-2022-30189) - High [418]

Description: Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability.

29. Elevation of Privilege - Kerberos (CVE-2022-30165) - High [412]

Description: Windows Kerberos Elevation of Privilege Vulnerability.

qualys: CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. Systems configured to activate both of the following features in Windows Server: CredSSP (Credential Security Service Provider) and RCG (Remote Credential Guard) might be vulnerable to this exploit. An authenticated attacker could exploit this vulnerability to elevate privileges and then spoof the Kerberos login process when a remote credential guard connection is made via CredSSP over the network. Exploitability Assessment: Exploitation Less Likely.

30. Remote Code Execution - Microsoft Office (CVE-2022-30174) - High [410]

Description: Microsoft Office Remote Code Execution Vulnerability.

31. Remote Code Execution - AV1 Video Extension (CVE-2022-30167) - High [405]

Description: AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193.

32. Remote Code Execution - AV1 Video Extension (CVE-2022-30193) - High [405]

Description: AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30167.

33. Remote Code Execution - Microsoft Photos App (CVE-2022-30168) - High [405]

Description: Microsoft Photos App Remote Code Execution Vulnerability.

34. Denial of Service - Windows Network Address Translation (NAT) (CVE-2022-30152) - High [401]

Description: Windows Network Address Translation (NAT) Denial of Service Vulnerability.

Medium (55)

35. Denial of Service - Windows Kernel (CVE-2022-30155) - Medium [393]

Description: Windows Kernel Denial of Service Vulnerability.

36. Information Disclosure - .NET (CVE-2022-30184) - Medium [386]

Description: .NET and Visual Studio Information Disclosure Vulnerability.

37. Elevation of Privilege - Azure Service Fabric Container (CVE-2022-30137) - Medium [382]

Description: Azure Service Fabric Container Elevation of Privilege Vulnerability.

38. Elevation of Privilege - Windows Container Isolation FS Filter Driver (CVE-2022-30131) - Medium [379]

Description: Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability.

39. Elevation of Privilege - Windows Container Manager Service (CVE-2022-30132) - Medium [379]

Description: Windows Container Manager Service Elevation of Privilege Vulnerability.

40. Elevation of Privilege - Microsoft Edge (CVE-2022-30127) - Medium [360]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30128.

MS PT Extended: CVE-2022-30127 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

41. Elevation of Privilege - Microsoft Edge (CVE-2022-30128) - Medium [360]

Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30127.

MS PT Extended: CVE-2022-30128 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

42. Elevation of Privilege - Microsoft Local Security Authority Server (CVE-2022-30166) - Medium [360]

Description: Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.

43. Elevation of Privilege - Windows Advanced Local Procedure Call (CVE-2022-30160) - Medium [360]

Description: Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability.

tenable: CVE-2022-30160 is an EoP vulnerability affecting the advanced local procedure call (ALPC), a message-passing mechanism for internal operating system communications. With a CVSSv3 score of 7.8, this vulnerability can be exploited by a local, authenticated attacker. Researcher Jarvis_1oop is credited with discovering this flaw, which was rated as“Exploitation More Likely.” patches are available for all supported Windows variants including Windows Server Core installations.

44. Elevation of Privilege - Windows Defender Remote Credential Guard (CVE-2022-30150) - Medium [360]

Description: Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.

45. Elevation of Privilege - Windows Installer (CVE-2022-30147) - Medium [360]

Description: Windows Installer Elevation of Privilege Vulnerability.

tenable: CVE-2022-30147 is an EoP vulnerability affecting the Windows Installer. The flaw received a 7.8 CVSSv3 score and can be exploited by a local, authenticated attacker. Microsoft’s exploitability assessment rates this vulnerability as “Exploitation More Likely” and patches are available for all supported Windows variants including Windows Server Core Installations. This vulnerability was an internal discovery at Microsoft credited to Levi Broderick with Microsoft and Andrew Ruddick.

46. Elevation of Privilege - Windows Media Center (CVE-2022-30135) - Medium [360]

Description: Windows Media Center Elevation of Privilege Vulnerability.

47. Elevation of Privilege - Windows Print Spooler (CVE-2022-30138) - Medium [360]

Description: Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104, CVE-2022-29132.

MS PT Extended: CVE-2022-30138 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

48. Elevation of Privilege - Windows Ancillary Function Driver for WinSock (CVE-2022-30151) - Medium [347]

Description: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.

49. Information Disclosure - Azure RTOS (CVE-2022-30180) - Medium [337]

Description: Azure RTOS GUIX Studio Information Disclosure Vulnerability.

50. Security Feature Bypass - Microsoft Edge (CVE-2022-1857) - Medium [333]

Description: Chromium: CVE-2022-1857 Insufficient policy enforcement in File System API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1857 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

51. Security Feature Bypass - Microsoft Edge (CVE-2022-1867) - Medium [333]

Description: Chromium: CVE-2022-1867 Insufficient validation of untrusted input in Data Transfer. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1867 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

52. Security Feature Bypass - Microsoft Edge (CVE-2022-1871) - Medium [333]

Description: Chromium: CVE-2022-1871 Insufficient policy enforcement in File System API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1871 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

53. Security Feature Bypass - Microsoft Edge (CVE-2022-1872) - Medium [333]

Description: Chromium: CVE-2022-1872 Insufficient policy enforcement in Extensions API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1872 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

54. Security Feature Bypass - Microsoft Edge (CVE-2022-1873) - Medium [333]

Description: Chromium: CVE-2022-1873 Insufficient policy enforcement in COOP. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1873 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

55. Security Feature Bypass - Microsoft Edge (CVE-2022-1874) - Medium [333]

Description: Chromium: CVE-2022-1874 Insufficient policy enforcement in Safe Browsing. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1874 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

56. Information Disclosure - Windows Kernel (CVE-2022-30162) - Medium [332]

Description: Windows Kernel Information Disclosure Vulnerability.

57. Denial of Service - Windows SMB (CVE-2022-32230) - Medium [331]

Description: Windows SMB Denial of Service Vulnerability

58. Information Disclosure - Windows Desired State Configuration (DSC) (CVE-2022-30148) - Medium [313]

Description: Windows Desired State Configuration (DSC) Information Disclosure Vulnerability.

zdi: CVE-2022-30148 - Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. Most info disclosure bugs simply leak unspecified memory contents, but this bug is different. An attacker could use this to recover plaintext passwords and usernames from log files. Since DSC is often used by SysAdmins to maintain machine configurations in an enterprise, there are likely some sought-after username/password combos that could be recovered. This would also be a great bug for an attacker to move laterally within a network. If you’re using DSC, make sure you don’t miss this update.

59. Spoofing - Microsoft Edge (CVE-2022-26905) - Medium [286]

Description: Microsoft Edge (Chromium-based) Spoofing Vulnerability.

MS PT Extended: CVE-2022-26905 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

60. Information Disclosure - Microsoft Office (CVE-2022-30159) - Medium [275]

Description: Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172.

61. Information Disclosure - Microsoft Office (CVE-2022-30171) - Medium [275]

Description: Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172.

62. Information Disclosure - Microsoft Office (CVE-2022-30172) - Medium [275]

Description: Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171.

63. Memory Corruption - Microsoft Edge (CVE-2022-1634) - Medium [272]

Description: Chromium: CVE-2022-1634 Use after free in Browser UI. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1634 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

64. Memory Corruption - Microsoft Edge (CVE-2022-1635) - Medium [272]

Description: Chromium: CVE-2022-1635 Use after free in Permission Prompts. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1635 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

65. Memory Corruption - Microsoft Edge (CVE-2022-1636) - Medium [272]

Description: Chromium: CVE-2022-1636 Use after free in Performance APIs. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1636 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

66. Memory Corruption - Microsoft Edge (CVE-2022-1638) - Medium [272]

Description: Chromium: CVE-2022-1638 Heap buffer overflow in V8 Internationalization. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1638 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

67. Memory Corruption - Microsoft Edge (CVE-2022-1639) - Medium [272]

Description: Chromium: CVE-2022-1639 Use after free in ANGLE. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1639 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

68. Memory Corruption - Microsoft Edge (CVE-2022-1640) - Medium [272]

Description: Chromium: CVE-2022-1640 Use after free in Sharing. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1640 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

69. Memory Corruption - Microsoft Edge (CVE-2022-1853) - Medium [272]

Description: Chromium: CVE-2022-1853 Use after free in Indexed DB. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1853 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

70. Memory Corruption - Microsoft Edge (CVE-2022-1854) - Medium [272]

Description: Chromium: CVE-2022-1854 Use after free in ANGLE. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1854 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

71. Memory Corruption - Microsoft Edge (CVE-2022-1855) - Medium [272]

Description: Chromium: CVE-2022-1855 Use after free in Messaging. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1855 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

72. Memory Corruption - Microsoft Edge (CVE-2022-1856) - Medium [272]

Description: Chromium: CVE-2022-1856 Use after free in User Education. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1856 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

73. Memory Corruption - Microsoft Edge (CVE-2022-1858) - Medium [272]

Description: Chromium: CVE-2022-1858 Out of bounds read in DevTools. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1858 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

74. Memory Corruption - Microsoft Edge (CVE-2022-1859) - Medium [272]

Description: Chromium: CVE-2022-1859 Use after free in Performance Manager. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1859 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

75. Memory Corruption - Microsoft Edge (CVE-2022-1863) - Medium [272]

Description: Chromium: CVE-2022-1863 Use after free in Tab Groups. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1863 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

76. Memory Corruption - Microsoft Edge (CVE-2022-1864) - Medium [272]

Description: Chromium: CVE-2022-1864 Use after free in WebApp Installs. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1864 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

77. Memory Corruption - Microsoft Edge (CVE-2022-1865) - Medium [272]

Description: Chromium: CVE-2022-1865 Use after free in Bookmarks. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1865 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

78. Memory Corruption - Microsoft Edge (CVE-2022-1869) - Medium [272]

Description: Chromium: CVE-2022-1869 Type Confusion in V8. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1869 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

79. Memory Corruption - Microsoft Edge (CVE-2022-1870) - Medium [272]

Description: Chromium: CVE-2022-1870 Use after free in App Service. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1870 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

80. Memory Corruption - Microsoft Edge (CVE-2022-1876) - Medium [272]

Description: Chromium: CVE-2022-1876 Heap buffer overflow in DevTools. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-1876 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

81. Memory Corruption - Microsoft Edge (CVE-2022-2007) - Medium [272]

Description: Chromium: CVE-2022-2007 Use after free in WebGPU. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-2007 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

82. Memory Corruption - Microsoft Edge (CVE-2022-2008) - Medium [272]

Description: Chromium: CVE-2022-2008 Out of bounds memory access in WebGL. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-2008 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

83. Memory Corruption - Microsoft Edge (CVE-2022-2010) - Medium [272]

Description: Chromium: CVE-2022-2010 Out of bounds read in compositing. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-2010 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

84. Memory Corruption - Microsoft Edge (CVE-2022-2011) - Medium [272]

Description: Chromium: CVE-2022-2011 Use after free in ANGLE. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

MS PT Extended: CVE-2022-2011 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

85. Elevation of Privilege - Microsoft File Server Shadow Copy Agent Service (RVSS) (CVE-2022-30154) - Medium [263]

Description: Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.

86. Information Disclosure - Intel(R) Processor (CVE-2022-21123) - Medium [251]

Description: Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

qualys: Microsoft Advisory 220002, Intel-SA-00615 On June 14, 2022, Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. In non-browsing scenarios on standalone systems, an attacker would need prior access to the system or an ability to run a specially crafted application on the target system to leverage these vulnerabilities. These vulnerabilities are known as: CVE-2022-21123 | Shared Buffer Data Read (SBDR) CVE-2022-21125 | Shared Buffer Data Sampling (SBDS) CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update) CVE-2022-21166 | Device Register Partial Write (DRPW) Important: These vulnerabilities might affect other operating systems and service providers. We advise customers to seek guidance from their respective vendors.

87. Information Disclosure - Intel(R) Processor (CVE-2022-21125) - Medium [251]

Description: Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

qualys: Microsoft Advisory 220002, Intel-SA-00615 On June 14, 2022, Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. In non-browsing scenarios on standalone systems, an attacker would need prior access to the system or an ability to run a specially crafted application on the target system to leverage these vulnerabilities. These vulnerabilities are known as: CVE-2022-21123 | Shared Buffer Data Read (SBDR) CVE-2022-21125 | Shared Buffer Data Sampling (SBDS) CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update) CVE-2022-21166 | Device Register Partial Write (DRPW) Important: These vulnerabilities might affect other operating systems and service providers. We advise customers to seek guidance from their respective vendors.

88. Information Disclosure - Intel(R) Processor (CVE-2022-21127) - Medium [251]

Description: Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

qualys: Microsoft Advisory 220002, Intel-SA-00615 On June 14, 2022, Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. In non-browsing scenarios on standalone systems, an attacker would need prior access to the system or an ability to run a specially crafted application on the target system to leverage these vulnerabilities. These vulnerabilities are known as: CVE-2022-21123 | Shared Buffer Data Read (SBDR) CVE-2022-21125 | Shared Buffer Data Sampling (SBDS) CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update) CVE-2022-21166 | Device Register Partial Write (DRPW) Important: These vulnerabilities might affect other operating systems and service providers. We advise customers to seek guidance from their respective vendors.

89. Information Disclosure - Intel(R) Processor (CVE-2022-21166) - Medium [251]

Description: Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

qualys: Microsoft Advisory 220002, Intel-SA-00615 On June 14, 2022, Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. In non-browsing scenarios on standalone systems, an attacker would need prior access to the system or an ability to run a specially crafted application on the target system to leverage these vulnerabilities. These vulnerabilities are known as: CVE-2022-21123 | Shared Buffer Data Read (SBDR) CVE-2022-21125 | Shared Buffer Data Sampling (SBDS) CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update) CVE-2022-21166 | Device Register Partial Write (DRPW) Important: These vulnerabilities might affect other operating systems and service providers. We advise customers to seek guidance from their respective vendors.

Low (4)

90. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-1637) - Low [151]

Description: {'ms_cve_data_all': 'Chromium: CVE-2022-1637 Inappropriate implementation in Web Contents. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

MS PT Extended: CVE-2022-1637 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

91. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-1862) - Low [151]

Description: {'ms_cve_data_all': 'Chromium: CVE-2022-1862 Inappropriate implementation in Extensions. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

MS PT Extended: CVE-2022-1862 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

92. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-1868) - Low [151]

Description: {'ms_cve_data_all': 'Chromium: CVE-2022-1868 Inappropriate implementation in Extensions API. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

MS PT Extended: CVE-2022-1868 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

93. Unknown Vulnerability Type - Microsoft Edge (CVE-2022-1875) - Low [151]

Description: {'ms_cve_data_all': 'Chromium: CVE-2022-1875 Inappropriate implementation in PDF. This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.\n', 'nvd_cve_data_all': '', 'attackerkb_cve_data_all': '', 'vulners_cve_data_all': 'This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.', 'combined_cve_data_all': ''}

MS PT Extended: CVE-2022-1875 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

Exploitation in the wild detected (1)

Remote Code Execution (1)

• Microsoft Windows Support Diagnostic Tool (MSDT) (CVE-2022-30190)

MS PT Extended: CVE-2022-30190 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Patch Tuesday Summary Microsoft has fixed 55 vulnerabilities (aka flaws) in the June 2022 update, including three (3) vulnerabilities classified as Critical as they allow Remote Code Execution (RCE). This month’s Patch Tuesday cumulative Windows update includes the fix for one (1) zero-day vulnerability (CVE-2022-30190). Microsoft also released an advisory for Intel Processor MMIO Stale Data Vulnerabilitie to address four (4) Intel vulnerabilities (Microsoft Advisory 220002, Intel-SA-00615). Microsoft has fixed several flaws in its software, including Denial of Service (DoS), Elevation of Privilege, Information Disclosure, Remote Code Execution (RCE), Security Feature Bypass, and Spoofing vulnerabilities. Many of the vulnerabilities patched this month relate to remote code execution, but there are no reports of active exploitation in the wild with the exception of an update to CVE-2022-30190, a Microsoft Windows Support Diagnostic Tool (MSDT) vulnerability made public in May.

qualys: CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 7.8/10. Microsoft has fixed the widely-exploited Windows Follina MSDT zero-day vulnerability tracked as CVE-2022-30190 in the June 2022 Updates. The update for this vulnerability is in the June 2022 cumulative Windows Updates. Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action. Exploitability Assessment: Exploitation Detected. On May 31st Qualys released QID 91909 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability (Follina) (Zero Day).On June 14th, Microsoft released the patch for this vulnerability in the June 2022 cumulative Windows Updates. Qualys will modify our existing detection signature to check for the PATCH ONLY and apply a minor title revision to remove the zero-day reference: QID 91909  Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability (Follina).Qualys will also release a NEW Information Gathered (IG) detection that will test for the MITIGATION ONLY: QID 45538 Microsoft Support Diagnostic Tool (MSDT) URL Protocol Vulnerability Disabled (Follina Mitigation Enabled).These updates will be included in the June 14th evening’s Patch Tuesday release cycle. (VULNSIGS-2.5.504-4, QAGENT-SIGNATURE-SET-2.5.504.4-3, LX_MANIFEST-2.5.504.4-4)

qualys: Examine a potential attack vector as well as technical details of Follina, and chart the ability to detect this new vulnerability using both Qualys Multi-Vector EDR and Qualys Context XDR. Detect the Follina MSDT Vulnerability (CVE-2022-30190) with Qualys Multi-Vector EDR & Context XDR

tenable: CVE-2022-30190, also known as “Follina” — the RCE vulnerability in the Microsoft Windows Support Diagnostic Tool that was disclosed in late May and exploited in the wild — has now received patches for affected Windows systems. While Microsoft had provided mitigation guidance in an advisory on May 30, patches were not released until June 14.

rapid7: June's Patch Tuesday sees Microsoft releasing fixes for over 60 CVEs. Top of mind for many administrators this month is CVE-2022-30190, also known as Follina, which was observed being exploited in the wild at the end of May. Microsoft provided mitigation instructions (disabling the MSDT URL protocol via the registry), but actual patches were not available until today’s cumulative Windows Updates. Even if the mitigation was previously applied, installing the updates is highly recommended.

zdi: CVE-2022-30190 - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. Although it’s difficult to see from the Security Update Guide, Microsoft did release an update to address the much discuss “Follina” vulnerability in MSDT. This bug has been reported to be under active attack, so priority should be given to the testing and deployment of this update.

Public exploit exists, but exploitation in the wild is NOT detected (1)

Remote Code Execution (1)

• Windows Network File System (CVE-2022-30136)

qualys: CVE-2022-30136 | Windows Network File System Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 9.8/10. This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE). Exploitability Assessment: Exploitation More Likely.

tenable: CVE-2022-30136 is a RCE vulnerability in the network file system (NFS) that can be exploited by an unauthenticated attacker using a specially crafted call to a NFS service. The vulnerability received a 9.8 CVSSv3 score and Microsoft rated this as “Exploitation More Likely” according to its Exploitability Index. The advisory notes that NFS versions 2.0 and 3.0 are not affected and administrators can disable NFS version 4.1 to mitigate this flaw. Disabling NFSv4.1 could have adverse impacts, so organizations should carefully consider this step before adopting it. Microsoft does note that this is only a temporary mitigation option, organizations should apply the patch as soon as possible. The advisory also provides a warning that you should not disable NFSv4.1 unless you have installed the May 2022 Windows security updates, specifically the updates addressing CVE-2022-26937.

tenable: Both CVE-2022-30136 and CVE-2022-26937 are credited to Yuki Chen, a prolific researcher with Cyber KunLun who has been credited with discovering nine vulnerabilities in Microsoft products in June 2022.

rapid7: None of the other CVEs being addressed this month have been previously disclosed or seen exploited yet. However, it won’t be long before attackers start looking at CVE-2022-30136, a critical remote code execution (RCE) vulnerability affecting the Windows Network File System (NFS). Last month, Microsoft fixed a similar vulnerability (CVE-2022-26937) affecting NFS v2.0 and v3.0. CVE-2022-30136, on the other hand, is only exploitable in NFS v4.1. Microsoft has provided mitigation guidance to disable NFS v4.1, which should only be done if the May updates fixing previous NFS versions have been applied. Again, even if the mitigation has been put into place, best to patch sooner rather than later.

zdi: CVE-2022-30136 - Windows Network File System Remote Code Execution Vulnerability. This CVSS 9.8 bug looks eerily similar to CVE-2022-26937 – an NFS bug patched last month and one we blogged about last week. This vulnerability could allow a remote attacker to execute privileged code on affected systems running NFS. On the surface, the only difference between the patches is that this month’s update fixes a bug in NFSV4.1, whereas last month’s bug only affected versions NSFV2.0 and NSFV3.0. It’s not clear if this is a variant or a failed patch or a completely new issue. Regardless, enterprises running NFS should prioritize testing and deploying this fix.

Other Vulnerabilities (91)

Remote Code Execution (27)

• Windows LDAP (CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161)

qualys: CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 7.5/10. This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. For more information, please see LDAP policies. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. Exploitability Assessment: Exploitation Less Likely.

tenable: Two of the CVEs, CVE-2022-30153 and CVE-2022-30161 received CVSSv3 scores of 8.8, CVE-2022-30141 was scored at 8.1, and the remainder of the flaws each were scored at 7.5. Microsoft has rated all of these vulnerabilities as “Exploitation Less Likely.” The vulnerability descriptions for CVE-2022-30139, CVE-2022-30141 and CVE-2022-30143 provide the same caveat that the vulnerability only exists if the “MaxReceiveBuffer” LDAP policy is configured to a higher value than the default value (i.e. a higher maximum number of threads LDAP requests can contain per processor). A system with the default value for the policy would not be affected. In the case of both CVE-2022-30139 and CVE-2022-30141, no user interaction is required, however an attacker must “prepare the target environment to improve exploit reliability.” The remainder of the CVEs all require some form of user interaction in order to exploit the vulnerability.

rapid7: Also reminiscent of last month is CVE-2022-30139, a critical RCE in LDAP carrying a CVSSv3 base score of 7.1, which again is only exploitable if the MaxReceiveBuffer LDAP policy value is set higher than the default. Rounding out the critical RCEs for June is CVE-2022-30163, which could allow a malicious application running on a Hyper-V guest to execute code on the host OS.

• Windows Encrypting File System (CVE-2022-30145)

qualys: CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 7.5/10. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability. Exploitability Assessment: Exploitation Less Likely.

• Microsoft Edge (CVE-2022-22021)

MS PT Extended: CVE-2022-22021 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

• Azure RTOS (CVE-2022-30177, CVE-2022-30178, CVE-2022-30179)
• Microsoft SharePoint (CVE-2022-30157, CVE-2022-30158)

qualys: CVE-2022-30157 | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. In a network-based attack, an attacker would need to have the privileges to create a page on a vulnerable SharePoint server. By creating a site using specific code, the attacker could execute code remotely on the target server. The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability. Exploitability Assessment: Exploitation Less Likely.

qualys: CVE-2022-30158 | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. An authenticated attacker with access to a server that has Sandboxed Code Service enabled could execute code in the context of the web service account. The attacker must be authenticated and possess the permissions for page creation to be able to exploit this vulnerability. Exploitability Assessment: Exploitation Unlikely.

• Windows File History (CVE-2022-30142)
• Windows iSCSI Discovery Service (CVE-2022-30140)
• HEVC Video Extensions (CVE-2022-22018, CVE-2022-29111, CVE-2022-29119, CVE-2022-30188)
• Microsoft Excel (CVE-2022-30173)
• Microsoft SQL (CVE-2022-29143)
• Windows Hyper-V (CVE-2022-30163)

qualys: CVE-2022-30163 | Windows Hyper-V Remote Code Execution (RCE) Vulnerability This vulnerability has a CVSSv3.1 score of 8.5/10. To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Successful exploitation of this vulnerability requires an attacker to win a race condition. In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest’s security boundary to execute code on the Hyper-V host execution environment. Exploitability Assessment: Exploitation Less Likely.

rapid7: Also reminiscent of last month is CVE-2022-30139, a critical RCE in LDAP carrying a CVSSv3 base score of 7.1, which again is only exploitable if the MaxReceiveBuffer LDAP policy value is set higher than the default. Rounding out the critical RCEs for June is CVE-2022-30163, which could allow a malicious application running on a Hyper-V guest to execute code on the host OS.

zdi: CVE-2022-30163 - Windows Hyper-V Remote Code Execution Vulnerability. This bug could allow a user on a Hyper-V guest to run their code on the underlying Hyper-V host OS. The update doesn’t list the privileges the attacker’s code would run at, but any guest-to-host escape should be taken seriously. Microsoft notes that attack complexity is high since an attacker would need to win a race condition. However, we have seen many reliable exploits demonstrated that involve race conditions, so take the appropriate step to test and deploy this update.

• Microsoft Office (CVE-2022-30174)
• AV1 Video Extension (CVE-2022-30167, CVE-2022-30193)
• Microsoft Photos App (CVE-2022-30168)

Security Feature Bypass (7)

• Kerberos (CVE-2022-30164)

qualys: CVE-2022-30164 | Windows Kerberos AppContainer Security Feature Bypass Vulnerability This vulnerability has a CVSSv3.1 score of 8.4/10. A low privilege attacker could execute a script within an App Container to request a service ticket and thereby gain elevation to the service privilege. An attacker could bypass the Kerberos service ticketing feature which performs user access control checks In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment. Exploitability Assessment: Exploitation Less Likely.

• Microsoft Edge (CVE-2022-1857, CVE-2022-1867, CVE-2022-1871, CVE-2022-1872, CVE-2022-1873, CVE-2022-1874)

MS PT Extended: CVE-2022-1871 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1872 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1873 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1874 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1867 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1857 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

Elevation of Privilege (15)

• Open Management Infrastructure (CVE-2022-29149)
• Kerberos (CVE-2022-30165)

qualys: CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability This vulnerability has a CVSSv3.1 score of 8.8/10. Systems configured to activate both of the following features in Windows Server: CredSSP (Credential Security Service Provider) and RCG (Remote Credential Guard) might be vulnerable to this exploit. An authenticated attacker could exploit this vulnerability to elevate privileges and then spoof the Kerberos login process when a remote credential guard connection is made via CredSSP over the network. Exploitability Assessment: Exploitation Less Likely.

• Azure Service Fabric Container (CVE-2022-30137)
• Windows Container Isolation FS Filter Driver (CVE-2022-30131)
• Windows Container Manager Service (CVE-2022-30132)
• Microsoft Edge (CVE-2022-30127, CVE-2022-30128)

MS PT Extended: CVE-2022-30127 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-30128 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

• Microsoft Local Security Authority Server (CVE-2022-30166)
• Windows Advanced Local Procedure Call (CVE-2022-30160)

tenable: CVE-2022-30160 is an EoP vulnerability affecting the advanced local procedure call (ALPC), a message-passing mechanism for internal operating system communications. With a CVSSv3 score of 7.8, this vulnerability can be exploited by a local, authenticated attacker. Researcher Jarvis_1oop is credited with discovering this flaw, which was rated as“Exploitation More Likely.” patches are available for all supported Windows variants including Windows Server Core installations.

• Windows Defender Remote Credential Guard (CVE-2022-30150)
• Windows Installer (CVE-2022-30147)

tenable: CVE-2022-30147 is an EoP vulnerability affecting the Windows Installer. The flaw received a 7.8 CVSSv3 score and can be exploited by a local, authenticated attacker. Microsoft’s exploitability assessment rates this vulnerability as “Exploitation More Likely” and patches are available for all supported Windows variants including Windows Server Core Installations. This vulnerability was an internal discovery at Microsoft credited to Levi Broderick with Microsoft and Andrew Ruddick.

• Windows Media Center (CVE-2022-30135)
• Windows Print Spooler (CVE-2022-30138)

MS PT Extended: CVE-2022-30138 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

• Windows Ancillary Function Driver for WinSock (CVE-2022-30151)
• Microsoft File Server Shadow Copy Agent Service (RVSS) (CVE-2022-30154)

Spoofing (2)

• Windows Autopilot Device Management and Enrollment Client (CVE-2022-30189)
• Microsoft Edge (CVE-2022-26905)

MS PT Extended: CVE-2022-26905 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

Denial of Service (3)

• Windows Network Address Translation (NAT) (CVE-2022-30152)
• Windows Kernel (CVE-2022-30155)
• Windows SMB (CVE-2022-32230)

Information Disclosure (11)

• .NET (CVE-2022-30184)
• Azure RTOS (CVE-2022-30180)
• Windows Kernel (CVE-2022-30162)
• Windows Desired State Configuration (DSC) (CVE-2022-30148)

zdi: CVE-2022-30148 - Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. Most info disclosure bugs simply leak unspecified memory contents, but this bug is different. An attacker could use this to recover plaintext passwords and usernames from log files. Since DSC is often used by SysAdmins to maintain machine configurations in an enterprise, there are likely some sought-after username/password combos that could be recovered. This would also be a great bug for an attacker to move laterally within a network. If you’re using DSC, make sure you don’t miss this update.

• Microsoft Office (CVE-2022-30159, CVE-2022-30171, CVE-2022-30172)
• Intel(R) Processor (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166)

qualys: Microsoft Advisory 220002, Intel-SA-00615 On June 14, 2022, Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. In non-browsing scenarios on standalone systems, an attacker would need prior access to the system or an ability to run a specially crafted application on the target system to leverage these vulnerabilities. These vulnerabilities are known as: CVE-2022-21123 | Shared Buffer Data Read (SBDR) CVE-2022-21125 | Shared Buffer Data Sampling (SBDS) CVE-2022-21127 | Special Register Buffer Data Sampling Update (SRBDS Update) CVE-2022-21166 | Device Register Partial Write (DRPW) Important: These vulnerabilities might affect other operating systems and service providers. We advise customers to seek guidance from their respective vendors.

Memory Corruption (22)

• Microsoft Edge (CVE-2022-1634, CVE-2022-1635, CVE-2022-1636, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1853, CVE-2022-1854, CVE-2022-1855, CVE-2022-1856, CVE-2022-1858, CVE-2022-1859, CVE-2022-1863, CVE-2022-1864, CVE-2022-1865, CVE-2022-1869, CVE-2022-1870, CVE-2022-1876, CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, CVE-2022-2011)

MS PT Extended: CVE-2022-2011 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1640 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1863 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1855 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1856 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1853 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-2008 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1638 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1859 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1864 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1870 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1869 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1858 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-2010 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1865 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1639 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1854 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1635 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1634 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-2007 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1636 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1876 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

qualys: Microsoft Last But Not Least Earlier in June, Microsoft released Microsoft Edge (Chromium-based) vulnerabilities on June 9 Microsoft Edge (Chromium-based) Remote Code Execution (RCE) Vulnerability (CVE-2022-22021) and an additional four (4) vulnerabilities on June 13 (CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, CVE-2022-2007).

Unknown Vulnerability Type (4)

• Microsoft Edge (CVE-2022-1637, CVE-2022-1862, CVE-2022-1868, CVE-2022-1875)

MS PT Extended: CVE-2022-1637 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1875 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1868 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13

MS PT Extended: CVE-2022-1862 was published before June 2022 Patch Tuesday from 2022-05-11 to 2022-06-13