Virtual Administrator’s March 2022 Patch Recommendations
This month Microsoft released patches for 71 vulnerabilities with 3 rated “Critical” and 68 “Important” in severity.
All patches have been approved in our patch policy.
This month includes 71 vulnerabilities of which 3 are rated Critical. None are being actively exploited but 3 Important vulnerabilities are public.
Exchange has a Remote Code Execution (RCE) vulnerability (CVE-2022-23277). Although leveraging this does require authentication, on-prem Exchange servers should be patched immediately.
Another RCE (CVE-2022-24508) exists in Windows SMBv3 Client/Server. There are also 3 Windows Remote Desktop Protocol (RDP) vulnerabilities (CVE-2022-23285,CVE-2022-21990,CVE-2022-24503). There are 5 new standalone SSUs of which 2 are for Windows 10.
FYI – As of May 10, 2022 Windows 10 20H2 Home/Pro and Windows 10 1909 Enterprise/Education support ends.
Disclosed: CVE-2022-21990, CVE-2022-24459, CVE-2022-24512
Security Update Guide
Morphus Labs patch dashboard here: https://patchtuesdaydashboard.com
We will no longer listing “affected software” in this post. Previously Microsoft listed affected “software”. This month the list includes “products, features and roles” which makes the list too long. If you look at the month’s Release Notes on the Security Update Guide page you can view this list.
Microsoft Security Advisories
ADV990001 | Latest Servicing Stack Updates (Published:11/13/2018 | Last Updated:03/08/2022)
Reason for Revision: A Servicing Stack Update has been released for some versions of Windows.
NOTE: Some Windows 10 Security Stack Updates were released as standalone this month.
There are no new known issues posted by Microsoft this month.
The 4 documented issues that have been listed for all Exchange patches released over the past year show up again.
Microsoft continues to list unresolved older problems under the Known Issues for new patches. So if you have not yet experienced one of these issues it is unlikely it will occur now.
Good resource for known issues with Windows 10 patches. Find the version and click on “Known issues”.
Windows release health
Monthly Rollup/Security Only/Windows 10,11/Server 2016,2019,2022 KBs
Links are https://support.microsoft.com/en-us/help/####### with the KB number only.
Security and Quality Rollup
- KB5011552 – Windows 7, Windows Server 2008 R2 (ESU)
- KB5011564 – Windows 8.1, Windows Server 2012 R2
- KB5011535 – Windows Server 2012
- KB5011534 – Windows Server 2008 (ESU)
Security Only Update
- KB5011529 – Windows 7, Windows Server 2008 R2 (ESU)
- KB5011560 – Windows 8.1, Windows Server 2012 R2
- KB5011527 – Windows Server 2012
- KB5011525 – Windows Server 2008 (ESU)
- KB5011491 – Original release version 1507 (OS Build 10240)
- KB5011495 – Version 1607 “Anniversary Update” (OS Build 14393)
- KB5011503 – Version 1809 “October 2018 Update” (OS Build 17763)
- KB5011485 – Version 1909 “November 2019 Update” (OS Build 18363)
- KB5011487 – Version 20H2 “October 2020 Update” (OS Build 19042)
- KB5011487 – Version 21H1 “May 2021 Update” (OS Build 19043)
- KB5011487 – Version 21H2 “November 2021 Update” (OS Build 19044)
(Versions 1511,1703,1709,1803,1903,2004 are no longer under support)
- KB5011493 – Original release (OS Build 22000)
- KB5011495 – Server 2016 (same KB as Windows 10 Version 1607)
- KB5011503 – Server 2019 (same KB as Windows 10 Version 1809)
- KB5011497 – Server 2022 (OS Build 20348)
- KB5011486 – Cumulative security update for Internet Explorer
March 2022 updates for Microsoft Office
CVE-2022-21990 | Remote Desktop Client Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-23277 | Microsoft Exchange Server Remote Code Execution Vulnerability (KB5010324,KB5012698)
CVE-2022-23285 | Remote Desktop Client Remote Code Execution Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-24459 | Windows Fax and Scan Service Elevation of Privilege Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-24503 | Remote Desktop Protocol Client Information Disclosure Vulnerability (Cumulative Update/Monthly Rollup)
CVE-2022-24508 | Windows SMBv3 Client/Server Remote Code Execution Vulnerability (Cumulative Update)