The Microsoft June 2022 Security Updates includes patches and advisories for 55 vulnerabilities, three of those rated Critical severity.
A remote attacker could exploit some of these vulnerabilities to take control of unpatched systems.
In all, the Microsoft security updates address vulnerabilities in the following products, features and roles:
- .NET and Visual Studio
- Azure OMI
- Azure Real Time Operating System
- Azure Service Fabric Container
- Microsoft Edge (Chromium-based)
- Microsoft Office
- Microsoft Office Excel
- Microsoft Office SharePoint
- Microsoft Windows ALPC
- Microsoft Windows Codecs Library
- Remote Volume Shadow Copy Service (RVSS)
- Role: Windows Hyper-V
- SQL Server
- Windows Ancillary Function Driver for WinSock
- Windows App Store
- Windows Autopilot
- Windows Container Isolation FS Filter Driver
- Windows Container Manager Service
- Windows Defender
- Windows Encrypting File System (EFS)
- Windows File History Service
- Windows Installer
- Windows iSCSI
- Windows Kerberos
- Windows Kernel
- Windows LDAP – Lightweight Directory Access Protocol
- Windows Local Security Authority Subsystem Service
- Windows Media
- Windows Network Address Translation (NAT)
- Windows Network File System
- Windows PowerShell
- Windows SMB.
Microsoft addressed three Critical remote code execution (RCE) vulnerabilities:
- CVE-2022-30136: Windows Network File System Remote Code Execution Vulnerability (CVSS 9.8)
- CVE-2022-30139: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVSS 7.5)
- CVE-2022-30163: Windows Hyper-V Remote Code Execution Vulnerability (CVSS 8.5).
Microsoft warned CVE-2022-30136 “could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE).”
Moreover, Microsoft confirmed the vulnerability is “more likely” of being exploited.
CVE-2022-30139 is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. However, systems with the policy set to the default value would not be vulnerable.
In addition, Microsoft patched 52 other vulnerabilities rated Important in multiple products. Those issues include Denial of Service, Elevation of Privilege, Information Disclosure, RCE, and Security Feature Bypass Spoofing vulnerabilities.
Just last month, Microsoft also issued a workaround for a vulnerability in its Microsoft Support Diagnostic Tool (MSDT) dubbed “Follina” in Windows.
On May 30, 2022, Microsoft released the guidance for the MSDT remote code execution vulnerability CVE-2022-30190 (CVSS 7.8). A remote, unauthenticated attacker could exploit this vulnerability to take control of an impacted system.
Last week, the software giant also exposed and disabled a Lebanon-based Polonium cyber activity targeting Israeli organizations.
According to Microsoft Threat Intelligence Center (MSTIC), the bad actors created 20 malicious OneDrive applications used to target organizations in Israel with a focus on critical manufacturing, IT, and Israel’s defense industry.
- Microsoft exposes and disables Polonium activity targeting Israeli organizations
- Microsoft issues workaround for Windows Support Diagnostic Tool “Follina” Vulnerability
- Microsoft May 2022 Security Updates addresses 73 vulnerabilities (7 rated Critical, 1 zero-day)
- Adobe has released security updates for multiple Adobe products