Microsoft released a new set of security patches with the June 2022 Patch Tuesday edition. In this month’s security advisory, Microsoft patched a total of 55 vulnerabilities including the Windows MSDT ‘Follina’ zero-day vulnerability (CVE-2022-30190). Out of these 55 vulnerabilities, three vulnerabilities were classified as Critical as they allow Remote Code Execution (RCE).
Microsoft also released an advisory for Intel Processor MMIO Stale Data Vulnerabilities to address four Intel vulnerabilities (Microsoft Advisory 220002, Intel-SA-00615).
The advisory covers a total of 33 products, features, and roles including .NET and Visual Studio, Azure, SQL Server, Windows Hyper-V, File System, and many more.
The vulnerabilities are classified as follows:
- Spoofing Vulnerability: 1
- Denial of Service Vulnerability: 3
- Elevation of Privilege Vulnerability: 12
- Security Feature Bypass Vulnerability: 1
- Information Disclosure Vulnerability: 11
- Remote Code Execution Vulnerability: 27
The zero-day vulnerability addressed this month
CVE-2022-30190: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (RCE) Vulnerability
This remote code execution vulnerability (CVE-2022-30190) exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this flaw can execute arbitrary code with the calling application’s privileges.
Critical vulnerabilities addressed this month
CVE-2022-30136: Windows Network File System Remote Code Execution (RCE) Vulnerability
This vulnerability could be exploited over the network by making an unauthenticated, specially crafted call to a Network File System (NFS) service to trigger a Remote Code Execution (RCE).
CVE-2022-30163: Windows Hyper-V Remote Code Execution (RCE) Vulnerability
To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code. Successful exploitation of this vulnerability requires an attacker to win a race condition.
In this case, a successful attack could be performed from a low-privilege Hyper-V guest. The attacker could traverse the guest’s security boundary to execute code on the Hyper-V host execution environment.
CVE-2022-30139: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution (RCE) Vulnerability
This vulnerability is only exploitable if the MaxReceiveBuffer LDAP policy is set to a value higher than the default value. Systems with the default value of this policy would not be vulnerable. Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.
For more information, please see LDAP policies.
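To find out whether the precondition for CVE-2022-30139 applies in a forest, the following added example (not code from this advisory or from Microsoft) lists every LDAP query policy and flags any whose MaxReceiveBuffer is above the default. It assumes the ActiveDirectory PowerShell module is available and takes 10485760 bytes as the default from Microsoft's LDAP policies documentation; `Get-LdapPolicyValue` is a hypothetical helper name.

```powershell
# Added example: flag LDAP query policies whose MaxReceiveBuffer exceeds the default.
# Requires the ActiveDirectory module (RSAT) and read access to the configuration partition.
Import-Module ActiveDirectory

# Assumption: 10485760 bytes is the documented default for MaxReceiveBuffer.
$DefaultMaxReceiveBuffer = 10485760

function Get-LdapPolicyValue {
    param(
        [string[]]$AdminLimits,   # raw lDAPAdminLimits values, e.g. "MaxReceiveBuffer=10485760"
        [string]$Name
    )
    foreach ($entry in $AdminLimits) {
        $key, $value = $entry -split '=', 2
        if ($key.Trim() -ieq $Name) { return [long]$value.Trim() }
    }
    return $null   # not listed on this policy object
}

$configNC   = (Get-ADRootDSE).configurationNamingContext
$searchBase = "CN=Query-Policies,CN=Directory Service,CN=Windows NT,CN=Services,$configNC"

# Enumerate every query policy, not only "Default Query Policy", because a
# domain controller or site can be assigned a different policy object.
$policies = Get-ADObject -SearchBase $searchBase `
    -LDAPFilter '(objectClass=queryPolicy)' -Properties lDAPAdminLimits

$report = foreach ($policy in $policies) {
    $value = Get-LdapPolicyValue -AdminLimits $policy.lDAPAdminLimits -Name 'MaxReceiveBuffer'
    [pscustomobject]@{
        Policy           = $policy.Name
        MaxReceiveBuffer = $value
        AboveDefault     = ($null -ne $value -and $value -gt $DefaultMaxReceiveBuffer)
    }
}

$report | Format-Table -AutoSize
if ($report | Where-Object AboveDefault) {
    Write-Warning ('MaxReceiveBuffer is above the default on at least one query policy; ' +
        'prioritize the CVE-2022-30139 update on the domain controllers that use it.')
}
```

A policy with no MaxReceiveBuffer entry shows an empty value and is not flagged.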
CVE-2022-30145: Windows Encrypting File System (EFS) Remote Code Execution (RCE) Vulnerability
Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.
CVE-2022-30158: Microsoft SharePoint Server Remote Code Execution (RCE) Vulnerability
An authenticated attacker, with access to a server that has Sandboxed Code Service enabled, could execute code in the context of the web service account. The attacker must be authenticated and possess permissions for page creation to be able to exploit this vulnerability.
Visit the June 2022 Security Updates page to access the full description of each vulnerability and the systems that it affects.
Qualys customers can scan their network with QIDs 110409, 110410, 376665, 376666, 45538, 91910, 91911, 91912, 91913, 91914, 91915, 91916, 91917, 91918, 91919 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage on the latest vulnerabilities.
References:
https://msrc.microsoft.com/update-guide/en-us
https://msrc.microsoft.com/update-guide/releaseNote/2022-Jun
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30136
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30163
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30139
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30145
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30158