{"id":267321,"date":"2022-06-18T15:47:57","date_gmt":"2022-06-18T13:47:57","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=267321"},"modified":"2022-06-18T15:52:36","modified_gmt":"2022-06-18T13:52:36","slug":"microsoft-security-update-revisions-14-juni-2022","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2022\/06\/18\/microsoft-security-update-revisions-14-juni-2022\/","title":{"rendered":"Microsoft Security Update Revisions (14. Juni 2022)"},"content":{"rendered":"

[English<\/a>]Noch eine kurze Info von dieser Woche nachgereicht. Microsoft hat zum 14. Juni 2022 einige Revisionen von Sicherheitsbeschreibungen ver\u00f6ffentlicht, die ich einfach hier im Blog einstelle.<\/p>\n


\n\"\"********************************************************************
\nTitle: Microsoft Security Update Revisions
\nIssued: June 14, 2022
\n********************************************************************<\/p>\n

Summary
\n=======<\/p>\n

The following CVEs have undergone a revision increment.
\n====================================================================<\/p>\n

* CVE-2021-26414
\n* CVE-2022-23267
\n* CVE-2022-24513
\n* CVE-2022-24527
\n* CVE-2022-26832
\n* CVE-2022-30190<\/p>\n

CVE-2021-26414<\/a> | Windows DCOM Server Security Feature Bypass
\n– Version: 2.0
\n– Reason for Revision: Microsoft is announcing the release of the June 14, 2022
\nWindows security updates to address the second phase of hardening changes for this
\nvulnerability. After these updates are installed, RPC_C_AUTHN_LEVEL_PKT_INTEGRITY
\non DCOM servers will be enabled by default. Customers who need to do so can still
\ndisable it by using the\u00a0 RequireIntegrityActivationAuthenticationLevel registry key.
\nMicrosoft strongly recommends that customers install the June 14, 2022 updates,
\ncomplete testing in your environment, and enable these hardening changes as soon
\nas possible.
\n– Originally posted: June 8, 2021
\n– Updated: June 14, 2022
\n– Aggregate CVE Severity Rating: Important<\/p>\n

CVE-2022-23267<\/a> | .NET and Visual Studio Denial of Service Vulnerability
\n– Version: 3.0
\n– Reason for Revision: Revised the Security Updates table to include Visual Studio
\n2019 for Mac and Visual Studio 2022 for Mac because these versions of Visual
\nStudio for Mac are affected by this vulnerability. Microsoft strongly recommends
\nthat customers running these versions of Visual Studio install the updates to be
\nfully protected from the vulnerability.
\n– Originally posted: May 10, 2022
\n– Updated: June 14, 2022
\n– Aggregate CVE Severity Rating: Important<\/p>\n

CVE-2022-24513<\/a> | Visual Studio Elevation of Privilege Vulnerability
\n– Version: 3.0
\n– Reason for Revision: Microsoft has released the June 2022 security updates to
\nfurther address CVE-2022-24513 for the following supported versions of Visual Studio:
\nVisual Studio 2017 version 15.9, Visual Studio 2019 version 16.9, Visual Studio 2019
\nversion 16.11, Microsoft Visual Studio 2022 version 17.0, and Visual Studio 2019 for
\nMac version 8.10. In addition, Visual Studio 2022 for Mac version 17.0 has been added
\nto the Security Updates table as it is also affected by this vulnerability. Microsoft
\nstrongly recommends that customers install these updates to be fully protected from
\nthe vulnerability.
\n– Originally posted: April 12, 2022
\n– Updated: June 14, 2022
\n– Aggregate CVE Severity Rating: Important<\/p>\n

CVE-2022-24527<\/a> | Microsoft Endpoint Configuration Manager Elevation of Privilege
\nVulnerability
\n–\u00a0 Version: 2.0
\n– Reason for Revision: The following revisions have been made: 1) Added Microsoft
\nEndpoint Configuration Manager to the Security Updates table as it is affected by this
\nvulnerability. 2) Removed all versions of Windows from the Security Updates table,
\nbecause the update to address this vulnerability is not available via the Windows
\nsecurity updates. 3) Updated the FAQs to provide information about how customers can
\nget the hotfix for Microsoft Endpoint Configuration Manager that addresses this
\nvulnerability. 4) Corrected the CVE title.
\n– Originally posted: April 12, 2022
\n– Updated: June 14, 2022
\n– Aggregate CVE Severity Rating: Important<\/p>\n

CVE-2022-26832<\/a> | .NET Framework Denial of Service Vulnerability
\n– Version: 3.0
\n– Reason for Revision: In the Security Updates table, added .NET Framework
\n4.6.2\/4.7\/4.7.1\/4.7.2 installed on Windows 10 version 1607, Windows Server 2016, and
\nWindows Server 2016 (Server Core installation) as these versions of Window 10 and Windows
\nServer with .NET Framework 4.6.2\/4.7\/4.7.1\/4.7.2 installed are affected by this
\nvulnerability. Customers running these versions of .NET Framework should install the
\nApril 2022 security updates to be protected from this vulnerability.
\n– Originally posted: April 12, 2022
\n– Updated: June 14, 2022
\n– Aggregate CVE Severity Rating: Important<\/p>\n

CVE-2022-30190<\/a> | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code
\nExecution Vulnerability
\n– Version: 2.0
\n– Reason for Revision: The update for this vulnerability is in the June 2022
\ncumulative Windows Updates. Microsoft strongly recommends that customers install
\nthe updates to be fully protected from the vulnerability. Customers whose systems are
\nconfigured to receive automatic updates do not need to take any further action.
\n– Originally posted: May 30, 2022
\n– Updated: June 14, 2022
\n– Aggregate CVE Severity Rating: Important<\/p>\n","protected":false},"excerpt":{"rendered":"

[English]Noch eine kurze Info von dieser Woche nachgereicht. Microsoft hat zum 14. Juni 2022 einige Revisionen von Sicherheitsbeschreibungen ver\u00f6ffentlicht, die ich einfach hier im Blog einstelle.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[4328],"class_list":["post-267321","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/267321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=267321"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/267321\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=267321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=267321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=267321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}