Windows 10: KB5020805: How to manage Kerberos protocol changes related to CVE-2022-37967

Hi, There is an enforcement due on the 11th July from Microsoft due to a security vulnerability, Please see under article:https://support.microsoft.com/en-gb/topic/kb5020805-how-to-manage-kerberos-protocol-changes-related-to-cve-2022-37967-997e9acc-67c5-48e1-8d0d-190269bf4efbThe November 8, 2022 Windows updates address security bypass and elevation of privilege vulnerabilities with Privilege Attribute Certificate PAC signatures. This security update addresses Kerberos vulnerabilities where an attacker could digitally alter PAC signatures, raising their privileges.To help secure your env

:)

 

CVE-2022-30190 workaround for Windows 7

The guidance for CVE-2022-30190 mentions deleting the MSDT URL Protocol as a workaround for this vulnerability.

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability – Microsoft Security Response Center

However, the FAQ says "The registry key mentioned in the workaround section will not exist in earlier supported versions of Windows, so the workaround is not required."

Does this mean there is no workaround for Windows 7 and the only solution is to install the July 2022 security update?

 

Was Follina (CVE-2022-30190) not actually addressed in the June 2022 Security Patch?

Hello,

I have an issue with the flow of information when using the MSRC Portal, as the Follina CVE (CVE-2022-30190) is not showing as part of the CVE's addressed in the June 2022 patch, even though it does say that the June 2022 Security Patch fixes the Vulnerability.

Please follow my steps:

MSRC's Follina CVE page Security Update Guide - Microsoft Security Response Center

Navigate to the bottom and select the KB Article for Server 2019 (this applies to all other KB Articles, but this is my example)

June 14, 2022—KB5014692 (OS Build 17763.3046) - Microsoft Support

In this article, follow the link under Improvements -> "June 2022 Security Updates."

This brings you back to the MSRC page: Security Update Guide - Microsoft Security Response Center

These release notes DO NOT say that the CVE-2022-30190 was addressed in the June patching...?

Can someone please help here and confirm if the Follina CVE (CVE-2022-30190) patch was actually applied in the June Patch Tuesday release?

 

CVE-2022-30190 workaround for Windows 7

This is a consumer-oriented peer-to-peer support forum. Support issues that may arise under Microsoft's Extended Security Updates (ESU) program are beyond the scope of this forum.

Did you purchase ESU for 2022? If not, you do not have access to the July 2022 security update.

If you did purchase ESU for 2022, see https://docs.microsoft.com/en-us/tr...ty-updates-faq#is-technical-support-included- regarding technical support.

As I understand the Guidance for CVE-2022-30190:

• A remote code execution vulnerability exists when MSDT is called using the URL protocol
  
• The MSDT URL protocol is not available in versions of Windows earlier than Windows Server 2019 & Windows 10 version 1809, i.e., the MSDT URL protocol isn't available in Windows 7.
  

Thus, the vulnerability does not appear (to me) to exist in Windows 7. For a more definitive answer see the link above.