Security Alert: Urgent Windows patches
Date:
2022-04-14 15:06:00
Status:
Closed
Brief Description:
Microsoft has published updates to desktop and server Windows operating systems that include several security updates for critical and high-severity vulnerabilities. Test and patch as soon as possible.
Current Status:
N/A
Services Affected:
Certified Desktop
Servers
Full Description:
Microsoft has published updates to desktop and server Windows operating systems. These updates include security updates for several critical and high-severity vulnerabilities. Most notably:
• A critical-severity, wormable remote code execution vulnerability in the Remote Procedure Call (RPC) Runtime Library for Server Message Block (SMB)
• Two critical-severity, wormable remote code execution vulnerabilities in the Network File System (NFS) role
• A high-severity zero-day privilege escalation vulnerability in the Windows Common Log File System Driver, known to be actively used in targeted exploits in the wild
• A high-severity zero-day privilege escalation vulnerability in the Windows User Profile Service, which is more difficult to exploit but has known exploits available
For Certified Desktop customers:
Updates will be made available today, Thursday, April 14, with an installation deadline of 4:00pm on Friday, April 15.
For Managed Server customers:
Automated patching will apply these updates to Windows Server instances supported by Managed Server during the patching schedule assigned to your servers. Servers will then be rebooted during the next maintenance window. For more information, see https://it.cornell.edu/managed-servers/patch-management-windows
For unmanaged Windows desktops and servers:
Test and apply the relevant 2022-04 Cumulative Update or 2022-04 Security Only Quality Update for all supported versions of Windows desktop and server operating systems as soon as possible.
References:
ThreatPost: https://threatpost.com/microsoft-zero-days-wormable-bugs/179273/
Remote Procedure Call Runtime Remote Code Execution Vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
Windows Network File System Remote Code Execution Vulnerability (1): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24491
Windows Network File System Remote Code Execution Vulnerability (2): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24497
Windows Common Log File System Driver Elevation of Privilege Vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24521
Windows User Profile Service Elevation of Privilege Vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26904
Windows 10 Update History: https://aka.ms/WindowsUpdateHistory
Windows 11 Update History: https://aka.ms/Windows11UpdateHistory
• A critical-severity, wormable remote code execution vulnerability in the Remote Procedure Call (RPC) Runtime Library for Server Message Block (SMB)
• Two critical-severity, wormable remote code execution vulnerabilities in the Network File System (NFS) role
• A high-severity zero-day privilege escalation vulnerability in the Windows Common Log File System Driver, known to be actively used in targeted exploits in the wild
• A high-severity zero-day privilege escalation vulnerability in the Windows User Profile Service, which is more difficult to exploit but has known exploits available
For Certified Desktop customers:
Updates will be made available today, Thursday, April 14, with an installation deadline of 4:00pm on Friday, April 15.
For Managed Server customers:
Automated patching will apply these updates to Windows Server instances supported by Managed Server during the patching schedule assigned to your servers. Servers will then be rebooted during the next maintenance window. For more information, see https://it.cornell.edu/managed-servers/patch-management-windows
For unmanaged Windows desktops and servers:
Test and apply the relevant 2022-04 Cumulative Update or 2022-04 Security Only Quality Update for all supported versions of Windows desktop and server operating systems as soon as possible.
References:
ThreatPost: https://threatpost.com/microsoft-zero-days-wormable-bugs/179273/
Remote Procedure Call Runtime Remote Code Execution Vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
Windows Network File System Remote Code Execution Vulnerability (1): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24491
Windows Network File System Remote Code Execution Vulnerability (2): https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24497
Windows Common Log File System Driver Elevation of Privilege Vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24521
Windows User Profile Service Elevation of Privilege Vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26904
Windows 10 Update History: https://aka.ms/WindowsUpdateHistory
Windows 11 Update History: https://aka.ms/Windows11UpdateHistory
CIT TDX ID: