Microsoft Security Update Revisions (March 17, 2022)

Microsoft has released revisions to its security alerts and update descriptions as of March 17, 2022. Here is a summary of these revisions that I received by mail.


Advertising

*********************************************************
Title: Microsoft Security Update Revisions
Issued: March 17, 2022
*********************************************************

Summary
=======

The following CVEs have undergone revision increments.
=========================================================

* CVE-2020-8927
* CVE-2022-24512
* CVE-2022-24511

CVE-2020-8927 | Brotli Library Buffer Overflow Vulnerability
– Version: 2.0
– Reason for Revision: Revised the Security Updates table to include PowerShell 7.0,
   PowerShell 7.1, and PowerShell 7.2 because these versions of PowerShell 7 are
   affected by this vulnerability. See
   Github for more information.
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important


Advertising

CVE-2022-24512 | .NET and Visual Studio Remote Code Execution Vulnerability
– Version: 2.0
– Reason for Revision: Revised the Security Updates table to include PowerShell 7.0,
   PowerShell 7.1, and PowerShell 7.2 because these versions of PowerShell 7 are
   affected by this vulnerability. See
   Github for more information.
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-24511 | Microsoft Office Word Tampering Vulnerability
– Version: 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to
   take any action. See the Release Notes for more information and download links.
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

Reason for Revision for the following CVEs: Corrected Download and Article links
in the Security Updates table. This is an informational change only.

* CVE-2022-21977
* CVE-2022-22010
* CVE-2022-23283
* CVE-2022-23285
* CVE-2022-23299

CVE-2022-21977 | Media Foundation Information Disclosure Vulnerability
– Version: 1.2
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-22010 | Media Foundation Information Disclosure Vulnerability
– Version: 1.1
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-23283 | Windows ALPC Elevation of Privilege Vulnerability
– Version: 1.1
– Originally posted: March 8, 2022
– Updated: March 16, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-23285 | Remote Desktop Client Remote Code Execution Vulnerability
– Version: 1.1
– Originally posted: March 8, 2022
– Updated: March 17, 2022
– Aggregate CVE Severity Rating: Important

CVE-2022-23299 | Windows PDEV Elevation of Privilege Vulnerability
– Version: 1.1
– Updated: March 17, 2022
– Aggregate CVE Severity Rating: Important


Advertising

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).