Microsoft Security Update Revisions (17.3.2022)

Publiziert am 18. März 2022 von Günter Born

Microsoft hat zum 17. März 2022 Revisionen seiner Sicherheitswarnungen und Update-Beschreibungen veröffentlicht. Hier eine Zusammenfassung dieser Revisionen, die mir per Mail zuging.

Anzeige

*********************************************************
Title: Microsoft Security Update Revisions
Issued: March 17, 2022
*********************************************************

Summary
=======

The following CVEs have undergone revision increments.
=========================================================

* CVE-2020-8927
* CVE-2022-24512
* CVE-2022-24511

Anzeige

CVE-2020-8927 | Brotli Library Buffer Overflow Vulnerability
– Version: 2.0
– Reason for Revision: Revised the Security Updates table to include PowerShell 7.0,
   PowerShell 7.1, and PowerShell 7.2 because these versions of PowerShell 7 are
   affected by this vulnerability. See
   Github for more information.
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-24512 | .NET and Visual Studio Remote Code Execution Vulnerability
– Version: 2.0
– Reason for Revision: Revised the Security Updates table to include PowerShell 7.0,
   PowerShell 7.1, and PowerShell 7.2 because these versions of PowerShell 7 are
   affected by this vulnerability. See
   Github for more information.
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-24511 | Microsoft Office Word Tampering Vulnerability
– Version: 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to
   take any action. See the Release Notes for more information and download links.
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

Reason for Revision for the following CVEs: Corrected Download and Article links
in the Security Updates table. This is an informational change only.

* CVE-2022-21977
* CVE-2022-22010
* CVE-2022-23283
* CVE-2022-23285
* CVE-2022-23299

CVE-2022-21977 | Media Foundation Information Disclosure Vulnerability
– Version: 1.2
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-22010 | Media Foundation Information Disclosure Vulnerability
– Version: 1.1
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-23283 | Windows ALPC Elevation of Privilege Vulnerability
– Version: 1.1
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-23285 | Remote Desktop Client Remote Code Execution Vulnerability
– Version: 1.1
– Originally posted: March 8, 2022
– Updated: March 17, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-23299 | Windows PDEV Elevation of Privilege Vulnerability
– Version: 1.1
– Updated: March 17, 2022
– Aggregate CVE Severity Rating: Important

Anzeige
Dieser Beitrag wurde unter Sicherheit abgelegt und mit verschlagwortet. Setze ein Lesezeichen auf den Permalink.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Hinweis: Bitte beachtet die Regeln zum Kommentieren im Blog (Erstkommentare und Verlinktes landet in der Moderation, gebe ich alle paar Stunden frei, SEO-Posts/SPAM lösche ich rigoros). Kommentare abseits des Themas bitte unter Diskussion.

Du findest den Blog gut, hast aber Werbung geblockt? Du kannst diesen Blog auch durch eine Spende unterstützen.