{"id":25699,"date":"2022-07-19T00:24:46","date_gmt":"2022-07-18T22:24:46","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=25699"},"modified":"2022-07-19T00:24:46","modified_gmt":"2022-07-18T22:24:46","slug":"cisa-windows-schwachstelle-cve-2022-22047-muss-bis-2-august-2022-gepatcht-sein","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/07\/19\/cisa-windows-schwachstelle-cve-2022-22047-muss-bis-2-august-2022-gepatcht-sein\/","title":{"rendered":"CISA: Windows vulnerability CVE-2022-22047 must be patched by Aug. 2, 2022"},"content":{"rendered":"<p><img decoding=\"async\" title=\"Windows\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" alt=\"Windows\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Windows-klein.jpg\" width=\"200\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/07\/19\/cisa-windows-schwachstelle-cve-2022-22047-muss-bis-2-august-2022-gepatcht-sein\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]U.S. Cyber Security Administration (CISA) has set a deadline of August 2, 2022 for U.S. institutions to fix the CVE-2022-22047 vulnerability, which is rated with a CVSS index of 7.8. This vulnerability in the Client Server Runtime Subsystem (CSRSS) affects virtually all versions of Windows and was fixed in the July 2022 updates.<\/p>\n<p><!--more--><\/p>\n<h2>The CVE-2022-22047 vulnerability<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg04.met.vgwort.de\/na\/01a03bf7af4b432db5f7fab66b62e3ad\" width=\"1\" height=\"1\"><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-22047\" target=\"_blank\" rel=\"noopener\">CVE-2022-22047<\/a> is an elevation of privilege vulnerability in the Client Server Runtime Subsystem (CSRSS). A (local) attacker who successfully exploited this vulnerability could gain SYSTEM privileges. The vulnerability is already being exploited, according to Microsoft. Virtually all Windows versions (client and server) are affected:<\/p>\n<ul>\n<li>Windows Server 2012\/R2: <a href=\"https:\/\/support.microsoft.com\/help\/5015874\" target=\"_blank\" rel=\"noopener\">KB5015874<\/a> Monthly Rollup\n<li>Windows Server 2012\/R2: <a href=\"https:\/\/support.microsoft.com\/help\/5015877\" target=\"_blank\" rel=\"noopener\">KB5015877<\/a> Security only\n<li>Windows Server 2012: <a href=\"https:\/\/support.microsoft.com\/help\/5015863\" target=\"_blank\" rel=\"noopener\">KB5015863<\/a> Monthly Rollup\n<li>Windows Server 2012: <a href=\"https:\/\/support.microsoft.com\/help\/5015875\" target=\"_blank\" rel=\"noopener\">KB5015875<\/a> Security only\n<li>Windows Server 2008 R2 SP1: <a href=\"https:\/\/support.microsoft.com\/help\/5015861\" target=\"_blank\" rel=\"noopener\">KB5015861<\/a> Monthly Rollup\n<li>Windows Server 2008 R2 SP1: <a href=\"https:\/\/support.microsoft.com\/help\/5015862\" target=\"_blank\" rel=\"noopener\">KB5015862<\/a> Security only\n<li>Windows Server 2008 SP2: <a href=\"https:\/\/support.microsoft.com\/help\/5015866\" target=\"_blank\" rel=\"noopener\">KB5015866<\/a> Monthly Rollup\n<li>Windows Server 2008 SP2: <a href=\"https:\/\/support.microsoft.com\/help\/5015870\" target=\"_blank\" rel=\"noopener\">KB5015870<\/a> Security only\n<li>Windows RT 8.1: <a href=\"https:\/\/support.microsoft.com\/help\/5015874\" target=\"_blank\" rel=\"noopener\">KB5015874<\/a> (Monthly Rollup)\n<li>Windows 8.1: <a href=\"https:\/\/support.microsoft.com\/help\/5015874\" target=\"_blank\" rel=\"noopener\">KB5015874<\/a> Monthly Rollup\n<li>Windows 8.1: <a href=\"https:\/\/support.microsoft.com\/help\/5015877\" target=\"_blank\" rel=\"noopener\">KB5015877<\/a> Security only\n<li>Windows 7 SP1: <a href=\"https:\/\/support.microsoft.com\/help\/5015861\" target=\"_blank\" rel=\"noopener\">KB5015861<\/a> Monthly Rollup\n<li>Windows 7 SP1: <a href=\"https:\/\/support.microsoft.com\/help\/5015862\" target=\"_blank\" rel=\"noopener\">KB5015862<\/a> Security only\n<li>Windows Server 2016: <a href=\"https:\/\/support.microsoft.com\/help\/5015808\" target=\"_blank\" rel=\"noopener\">KB5015808<\/a>\n<li>Windows 10: <a href=\"https:\/\/support.microsoft.com\/help\/5015832\" target=\"_blank\" rel=\"noopener\">KB5015832<\/a>\n<li>Windows 10 Version 21H2: <a href=\"https:\/\/support.microsoft.com\/help\/5015807\" target=\"_blank\" rel=\"noopener\">KB5015807<\/a>\n<li>Windows 11: <a href=\"https:\/\/support.microsoft.com\/help\/5015814\" target=\"_blank\" rel=\"noopener\">KB5015814<\/a>\n<li>Windows Server 2022: <a href=\"https:\/\/support.microsoft.com\/help\/5015827\" target=\"_blank\" rel=\"noopener\">KB5015827<\/a>\n<li>Windows Server 2019: <a href=\"https:\/\/support.microsoft.com\/help\/5015811\" target=\"_blank\" rel=\"noopener\">KB5015811<\/a>\n<li>Windows 10 Version 1809: <a href=\"https:\/\/support.microsoft.com\/help\/5015811\" target=\"_blank\" rel=\"noopener\">KB5015811<\/a><\/li>\n<\/ul>\n<p>The KB numbers indicate the relevant updates deployed as of July 12, 2022. . <\/p>\n<h2>CISA statement: Patch by August<\/h2>\n<p>The U.S. Cyber Security Administration has added the CVE-2022-22047 vulnerability to its list of bugs to patch (see the <a href=\"https:\/\/twitter.com\/samilaiho\/status\/1548667353948372998\" target=\"_blank\" rel=\"noopener\">following tweet<\/a>) and requires systems to be patched by August 2, 2022. <\/p>\n<p><a href=\"https:\/\/twitter.com\/samilaiho\/status\/1548667353948372998\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/i.imgur.com\/btDOr00.png\"><\/a><\/p>\n<p>The Record has published some more assessments of this vulnerability by security researchers <a href=\"https:\/\/therecord.media\/cisa-adds-windows-bug-to-exploited-list-urges-agencies-to-patch-by-august-2\/\" target=\"_blank\" rel=\"noopener\">here<\/a>. <\/p>\n<p><strong>Similar articles<\/strong><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/06\/microsoft-office-updates-5-juli-2022\/\">Microsoft Office Updates (July 5, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/12\/microsoft-security-update-summary-12-juli-2022\/\">Microsoft Security Update Summary (July 12, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/13\/patchday-windows-10-updates-12-juli-2022\/\">Patchday: Windows 10-Updates (July 12 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/13\/patchday-windows-11-server-2022-updates-12-juli-2022\/\">Patchday: Windows 11\/Server 2022-Updates (July 12, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/13\/windows-7-server-2008r2-windows-8-1-server-2012r2-updates-12-juli-2022\/\">Windows 7\/Server 2008R2; Windows 8.1\/Server 2012R2: Updates (July 12 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/14\/patchday-microsoft-office-updates-12-juli-2022\/\">Patchday: Microsoft Office Updates (July 12, 2022)<\/a> <\/p>\n<p><a href=\"https:\/\/borncity.com\/win\/2022\/07\/14\/office-updates-destroys-access-run-time-and-apps\/\">Office updates destroys Access run time and apps<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/05\/23\/windows-10-microsoft-weitet-suchhervorhebungen-im-suchbereich-aus-19-mai-2022\/\">Windows 10: Microsoft expands \"search highlights\" in search area (May 19, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/07\/16\/microsoft-july-2022-patchday-issues-windows-office\/\">Microsoft July 2022 Patchday issues (Windows, Office)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/06\/10\/windows-10-21h2-explorer-taskbar-issuses-a-collision-between-search-highlights-and-hp-development-company-l-p-extension-8-10-5-34686\/\">Windows 10 21H2: Explorer \/Taskbar issuses \u2013 a collision between Search Highlights and \"HP Development Company, L.P. \u2013 Extension \u2013 8.10.5.34686\"<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]U.S. Cyber Security Administration (CISA) has set a deadline of August 2, 2022 for U.S. institutions to fix the CVE-2022-22047 vulnerability, which is rated with a CVSS index of 7.8. This vulnerability in the Client Server Runtime Subsystem (CSRSS) affects &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/07\/19\/cisa-windows-schwachstelle-cve-2022-22047-muss-bis-2-august-2022-gepatcht-sein\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[2734,69,195,194],"class_list":["post-25699","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-patchday-7-2022","tag-security","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/25699","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=25699"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/25699\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=25699"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=25699"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=25699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}