Randy Franklin Smith's Ultimate Windows Security

Upcoming Webinars

Tier Zero: What It Is, Its Importance, Its Boundaries, and Detecting Out-of-Bounds Activity

Webinar Library

Latest Blogs

Recent Security Features in Active Directory You Probably Aren't Using

Active Directory security features you probably aren’t using and more in my sessions at The Experts Conference 2019

How to Detect Pass-the-Hash Attacks Blog Series

Come meet Randy in Orlando at Microsoft Ignite at Quest's Booth #1818

Detecting Pass-the-Hash with Honeypots

Catch Malware Hiding in WMI with Sysmon

For of all sad words of tongue or pen, the saddest are these: 'We weren’t logging’

Experimenting with Windows Security: Controls for Enforcing Policies

Sysmon Event IDs 1, 6, 7 Report All the Binary Code Executing on Your Network

Yet Another Ransomware Can That Can be Immediately Detected with Process Tracking on Workstations

Top Resources

Security Log

Additional Resources

June, 2022: Patch Tuesday: Follina patched and 3 critical updates

Welcome to my June Patch Tuesday newsletter. Let's get right to it. The big patch this month is CVE-2022-30190. As you have surely heard in the news this Follina zero-day is currently being exploited. This exploit was easily executed simply by opening a targeted Word document. Thankfully Microsoft has released a patch that you will want to apply ASAP. You will also want to give attention to the three yellow highlighted CVE's in the chart below. Microsoft has given these an exploitability assessment of "Exploitation More Likely". In addition to these, there are also three CVE's with a severity rating of Critical this month; CVE-2022-30136, CVE-2022-30139 and CVE-2022-30163. Of the 55 CVE's this month being addressed these 6 should be your top priority.

Patch data provided by:
Technology	Products Affected	Severity	Reference	Workaround/ Exploited / Publicly Disclosed	Vulnerability Info
Windows	Windows 7, 8.1, RT 8.1, 10, 11 Server 2008 SP2, 2008R2, 2012, 2012 R2, 2016, 2019, 2022 including Server Core Installations 2022 including Azure Edition Core Hotpatch AV1 & HEVC Video Extension	Critical	CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 CVE-2022-22018 CVE-2022-29111 CVE-2022-29119 CVE-2022-30131 CVE-2022-30132 CVE-2022-30135 CVE-2022-30136 CVE-2022-30138 CVE-2022-30139 CVE-2022-30140 CVE-2022-30141 CVE-2022-30142 CVE-2022-30143 CVE-2022-30145 CVE-2022-30146 CVE-2022-30147 CVE-2022-30148 CVE-2022-30149 CVE-2022-30150 CVE-2022-30151 CVE-2022-30152 CVE-2022-30153 CVE-2022-30154 CVE-2022-30155 CVE-2022-30160 CVE-2022-30161 CVE-2022-30162 CVE-2022-30163 CVE-2022-30164 CVE-2022-30165 CVE-2022-30166 CVE-2022-30167 CVE-2022-30188 CVE-2022-30189 CVE-2022-30190 CVE-2022-30193 CVE-2022-32230	Workaround: No Exploited: Yes Public: Yes	Denial of Service Elevation of Privilege Information Disclosure Remote Code Execution Security Feature Bypass Spoofing
Edge	Chromium-based	Moderate	CVE-2022-22021 CVE-2022-26905 CVE-2022-30127 CVE-2022-30128	Workaround: No Exploited: No Public: No	Elevation of Privilege Remote Code Execution Spoofing
.NET Framework	Core 3.1 .NET 6.0 Also Nuget.exe	Important	CVE-2022-30184	Workaround: No Exploited: No Public: No	Information Disclosure
Visual Studio	2019 16.11 through 16.0 2022 17.0, 17.2 2019 for Mac 8.10 2022 for Mac 17.0	Important	CVE-2022-30184	Workaround: No Exploited: No Public: No	Information Disclosure
Office	365 Apps for Enterprise Excel 2013 RT SP1, 2013 SP1, 2016 Online Server Web Apps Server 2013 SP1 LTSC 2021	Important	CVE-2022-30159 CVE-2022-30171 CVE-2022-30172 CVE-2022-30173 CVE-2022-30174	Workaround: No Exploited: No Public: No	Remote Code Execution Information Disclosure
SharePoint Server	Enterprise Server 2013 SP1, 2016, 2019 Foundation 2013 SP1 Server Subscription Edition	Important	CVE-2022-30157 CVE-2022-30158 CVE-2022-30159 CVE-2022-30171 CVE-2022-30172	Workaround: No Exploited: No Public: No	Remote Code Execution Information Disclosure
SQL Server	2014 SP3 CU4 and GDR 2016 SP2 CU17 and GDR 2016 SP3 GDR and Azure Connectivity Pack 2017 CU29 and GDR 2019 CU16 and GDR	Important	CVE-2022-29143	Workaround: No Exploited: No Public: No	Remote Code Execution
Azure	Automation State Configuration, DSC Extension Automation Update Management Diagnostics (LAD) Open Management Infrastructure Real Time Operating System (GUIX) Security Center Sentinel Service Fabric Stack Hub Container Monitoring Solution Log Analytics Agent	Important	CVE-2022-29149 CVE-2022-30137 CVE-2022-30177 CVE-2022-30178 CVE-2022-30179 CVE-2022-30180	Workaround: No Exploited: No Public: No	Information Disclosure Remote Code Execution Elevation of Privilege
System Center	SCOM 2016, 2019, 2022	Important	CVE-2022-29149	Workaround: No Exploited: No Public: No	Elevation of Privilege
Apps	Microsoft Photos	Important	CVE-2022-30168	Workaround: No Exploited: No Public: No	Remote Code Execution

Send me this chart next Patch Tuesday.

User name:
Password:
	/ Forgot?
	Register

June 2022 Patch Tuesday	"Patch Tuesday: Follina patched and 3 critical updates " - sponsored by Supercharger

Home

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2022 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.