Virtual Administrator’s June 2022 Patch Recommendations

patch-recommedation

This month Microsoft released patches for 55 vulnerabilities with 3 rated “Critical” in severity.

All patches will be approved in our patch policy.

Fewer patches this month. The big news since last month was the zero-day flaw “Follina” (CVE-2022-30190) made public knowledge on May 27. We posted scripts on ClubMSP to implement the mitigation measures and Microsoft has released fixes in the June updates/rollups.

There is also a Security Advisory (ADV220002) with recommendations to address a vulnerability announced by Intel. Microsoft SharePoint server contains a remote code execution (RCE) vulnerability (CVE-2022-30157).  Windows Hyper-V has a high-severity RCE vulnerability (CVE-2022-30163). CVE-2022-30136 is RCE flaw in the Windows Network File System (NFS version 4.1).  There are a few known issues. Microsoft acknowledged a potential issue with the Wi-Fi hotspot feature. Also we’ve seen a few reports of this month’s patches causing VSS problems with server backups. See Known Issues below.

 

Disclosed: CVE-2022-30190

Exploited: CVE-2022-30190

 

Notable News: Internet Explorer 11 has retired and is officially out of support

Internet Explorer 11 desktop application ended support for certain operating systems

https://docs.microsoft.com/en-us/lifecycle/announcements/internet-explorer-11-end-of-support

 

Security Update Guide

https://portal.msrc.microsoft.com/en-us/security-guidance

 

Morphus Labs patch dashboard here: https://patchtuesdaydashboard.com

 

Microsoft Security Advisories

 

ADV220002 | Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities (Released: 06/14/2022)

https://msrc.microsoft.com/update-guide/vulnerability/ADV220002

Recommended Actions: Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities.

 

Known Issues

A few known issues are listed below and include problems with SharePoint, the Wi-Fi hotspot feature and server backups.

 

Microsoft continues to list unresolved older problems under the Known Issues for new patches. So if you have not yet experienced one of these issues it is unlikely it will occur now.

 

KB5002219 SharePoint Foundation 2013

https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-sharepoint-foundation-2013-june-14-2022-kb5002219-bda3ac31-8e1a-4104-9dd6-a815e3454382

Symptom: You may receive error messages when you use a sandbox solution or web part in SharePoint Foundation 2013. For more information, see “Type was not resolvable” error when you use sandbox solution or web part (KB5015556).

Workaround: “Type was not resolvable” error when you use sandbox solution or web part (KB5015556)

https://support.microsoft.com/en-us/topic/-type-was-not-resolvable-error-when-you-use-sandbox-solution-or-web-part-kb5015556-e37e13e5-1c33-4a64-8b93-a7cd20ef8fe9

 

Windows devices might be unable to use the Wi-Fi hotspot

Symptom: After installing this update, Windows devices might be unable to use the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the Internet after a client device connects.

Workaround: To mitigate the issue and restore Internet access on the host device, you can disable the Wi-Fi hotspot feature. For instructions, please see Use your Windows PC as a mobile hotspot.

Status: We are presently investigating and will provide an update in an upcoming release.

 

Use your Windows PC as a mobile hotspot

https://support.microsoft.com/en-us/windows/use-your-windows-pc-as-a-mobile-hotspot-c89b0fad-72d5-41e8-f7ea-406ad9036b85

 

Unconfirmed reported issues

Microsoft: June Windows Server updates may cause backup issues

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-windows-server-updates-may-cause-backup-issues/

The issue occurs due to security enforcement introduced to address an elevation of privilege vulnerability (CVE-2022-30154) in the Microsoft File Server Shadow Copy Agent Service (RVSS).

 

Good resource for known issues with Windows 10 patches. Find the version and click on “Known issues”.

Windows release health

https://docs.microsoft.com/en-us/windows/release-health/

 

Monthly Rollup/Security Only/Windows 10,11/Server 2016,2019,2022 KBs

Links are https://support.microsoft.com/en-us/help/####### with the KB number only.

 

Security and Quality Rollup

  • KB5014748 – Windows 7, Windows Server 2008 R2 (ESU)
  • KB5014738 – Windows 8.1, Windows Server 2012 R2
  • KB5014747 – Windows Server 2012
  • KB5014752 – Windows Server 2008 (ESU)

 

Security Only Update

  • KB5014742 – Windows 7, Windows Server 2008 R2 (ESU)
  • KB5014746 – Windows 8.1, Windows Server 2012 R2
  • KB5014741 – Windows Server 2012
  • KB5014743 – Windows Server 2008 (ESU)

 

Cumulative Updates

Windows 10

  • KB5014710 – Original release version 1507 (OS Build 10240)
  • KB5014702 – Version 1607 “Anniversary Update” (OS Build 14393)
  • KB5014692 – Version 1809 “October 2018 Update” (OS Build 17763)
  • KB5014699 – Version 20H2 “October 2020 Update” (OS Build 19042)
  • KB5014699 – Version 21H1 “May 2021 Update” (OS Build 19043)
  • KB5014699 – Version 21H2 “November 2021 Update” (OS Build 19044)

(Versions 1511,1703,1709,1803,1903,2004 are no longer under support)

 

Windows 11

  • KB5014697 – Original release (OS Build 22000)

 

Windows Server

  • KB5014702 – Server 2016 (same KB as Windows 10 Version 1607)
  • KB5014692 – Server 2019 (same KB as Windows 10 Version 1809)
  • KB5014678 – Server 2022 (OS Build 20348)

 

June 2022 updates for Microsoft Office

https://support.microsoft.com/en-us/topic/june-2022-updates-for-microsoft-office-d94d40c4-fea1-47a7-a376-6abd34397ae8

 

Notable CVEs

 

CVE-2022-30136 | Windows Network File System Remote Code Execution (RCE) Vulnerability (Cumulative Update/Monthly Rollup)

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30136

 

CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) Vulnerability (Cumulative Update)

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30139

 

CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution (RCE) Vulnerability (Cumulative Update)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30145

 

CVE-2022-30157 | Microsoft SharePoint Server Remote Code Execution Vulnerability KB5002167,KB5002212,KB5002222,KB5002224)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30157

 

CVE-2022-30158 | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability (KB5002212,KB5002218,KB5002219,KB5002222,KB5002224,KB5002212)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30158

 

CVE-2022-30163 | Windows Hyper-V Remote Code Execution (RCE) Vulnerability (Cumulative Update/Monthly Rollup)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30163

 

CVE-2022-30164 | Kerberos AppContainer Security Feature Bypass Vulnerability (Cumulative Update/Monthly Rollup)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30164

 

CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability (Cumulative Update)

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30165

 

CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190

Windows Follina MSDT zero-day vulnerability

Latest Patch Updates

Virtual Administrator’s April Patch Recommendations

Read More

Third Party Updates 3-15-2024

Read More

Virtual Administrator’s March Patch Recommendations

Read More

Virtual Administrator’s February Patch Recommendations

Read More

Third Party Updates 1-12-2024

Read More

Virtual Administrator’s January 2024 Patch Recommendations

Read More