Virtual Administrator’s June 2022 Patch Recommendations
This month Microsoft released patches for 55 vulnerabilities with 3 rated “Critical” in severity.
All patches will be approved in our patch policy.
Fewer patches this month. The big news since last month was the zero-day flaw “Follina” (CVE-2022-30190) made public knowledge on May 27. We posted scripts on ClubMSP to implement the mitigation measures and Microsoft has released fixes in the June updates/rollups.
There is also a Security Advisory (ADV220002) with recommendations to address a vulnerability announced by Intel. Microsoft SharePoint server contains a remote code execution (RCE) vulnerability (CVE-2022-30157). Windows Hyper-V has a high-severity RCE vulnerability (CVE-2022-30163). CVE-2022-30136 is RCE flaw in the Windows Network File System (NFS version 4.1). There are a few known issues. Microsoft acknowledged a potential issue with the Wi-Fi hotspot feature. Also we’ve seen a few reports of this month’s patches causing VSS problems with server backups. See Known Issues below.
Notable News: Internet Explorer 11 has retired and is officially out of support
Internet Explorer 11 desktop application ended support for certain operating systems
Security Update Guide
Morphus Labs patch dashboard here: https://patchtuesdaydashboard.com
Microsoft Security Advisories
ADV220002 | Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities (Released: 06/14/2022)
Recommended Actions: Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities.
A few known issues are listed below and include problems with SharePoint, the Wi-Fi hotspot feature and server backups.
Microsoft continues to list unresolved older problems under the Known Issues for new patches. So if you have not yet experienced one of these issues it is unlikely it will occur now.
KB5002219 SharePoint Foundation 2013
Symptom: You may receive error messages when you use a sandbox solution or web part in SharePoint Foundation 2013. For more information, see “Type was not resolvable” error when you use sandbox solution or web part (KB5015556).
Workaround: “Type was not resolvable” error when you use sandbox solution or web part (KB5015556)
Windows devices might be unable to use the Wi-Fi hotspot
Symptom: After installing this update, Windows devices might be unable to use the Wi-Fi hotspot feature. When attempting to use the hotspot feature, the host device might lose the connection to the Internet after a client device connects.
Workaround: To mitigate the issue and restore Internet access on the host device, you can disable the Wi-Fi hotspot feature. For instructions, please see Use your Windows PC as a mobile hotspot.
Status: We are presently investigating and will provide an update in an upcoming release.
Use your Windows PC as a mobile hotspot
Unconfirmed reported issues
Microsoft: June Windows Server updates may cause backup issues
The issue occurs due to security enforcement introduced to address an elevation of privilege vulnerability (CVE-2022-30154) in the Microsoft File Server Shadow Copy Agent Service (RVSS).
Good resource for known issues with Windows 10 patches. Find the version and click on “Known issues”.
Windows release health
Monthly Rollup/Security Only/Windows 10,11/Server 2016,2019,2022 KBs
Links are https://support.microsoft.com/en-us/help/####### with the KB number only.
Security and Quality Rollup
- KB5014748 – Windows 7, Windows Server 2008 R2 (ESU)
- KB5014738 – Windows 8.1, Windows Server 2012 R2
- KB5014747 – Windows Server 2012
- KB5014752 – Windows Server 2008 (ESU)
Security Only Update
- KB5014742 – Windows 7, Windows Server 2008 R2 (ESU)
- KB5014746 – Windows 8.1, Windows Server 2012 R2
- KB5014741 – Windows Server 2012
- KB5014743 – Windows Server 2008 (ESU)
- KB5014710 – Original release version 1507 (OS Build 10240)
- KB5014702 – Version 1607 “Anniversary Update” (OS Build 14393)
- KB5014692 – Version 1809 “October 2018 Update” (OS Build 17763)
- KB5014699 – Version 20H2 “October 2020 Update” (OS Build 19042)
- KB5014699 – Version 21H1 “May 2021 Update” (OS Build 19043)
- KB5014699 – Version 21H2 “November 2021 Update” (OS Build 19044)
(Versions 1511,1703,1709,1803,1903,2004 are no longer under support)
- KB5014697 – Original release (OS Build 22000)
- KB5014702 – Server 2016 (same KB as Windows 10 Version 1607)
- KB5014692 – Server 2019 (same KB as Windows 10 Version 1809)
- KB5014678 – Server 2022 (OS Build 20348)
June 2022 updates for Microsoft Office
CVE-2022-30136 | Windows Network File System Remote Code Execution (RCE) Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-30139 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) Vulnerability (Cumulative Update)
CVE-2022-30145 | Windows Encrypting File System (EFS) Remote Code Execution (RCE) Vulnerability (Cumulative Update)
CVE-2022-30157 | Microsoft SharePoint Server Remote Code Execution Vulnerability KB5002167,KB5002212,KB5002222,KB5002224)
CVE-2022-30158 | Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability (KB5002212,KB5002218,KB5002219,KB5002222,KB5002224,KB5002212)
CVE-2022-30163 | Windows Hyper-V Remote Code Execution (RCE) Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-30164 | Kerberos AppContainer Security Feature Bypass Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-30165 | Windows Kerberos Elevation of Privilege Vulnerability (Cumulative Update)
CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)
Windows Follina MSDT zero-day vulnerability