Windows 10: Microsoft Windows Security Updates February 2022 overview

Microsoft released security updates for its Windows operating system and other company products on February 8, 2022. The February 2022 Patch Day is the second of the year and this guides gives you an overview of the releases.



The updates are already available via Windows Update and update management services such as WSUS. Administrators may download the updates to install them manually, or check for updates to install them on devices.

The guide lists all relevant information, links to support pages and downloads, lists known issues, and provides you with other information.

Microsoft Windows Security Updates: February 2022


The following Excel spreadsheet includes the released security updates for Windows and other company products. Just download it with a click on the following link: windows-security-updates-february-2022

Executive Summary

• Microsoft released security updates for all supported client and server versions of Windows.
• Microsoft released no critical updates for Windows on this Patch Day.
• Security updates were also released for other Microsoft products, including Microsoft Dynamics, Microsoft Office, Microsoft Edge, SQL Server, Power BI, Visual Studio Code and Kestrel Web Server
• The following client operating systems have known issues: Windows 7, Windows 8.1, Windows 10 version 1809, Windows 10 version 20H2, 21H1, 21H2,
• The following server operating systems have known issues: Windows Server 2008 and 2008 R2, Windows Server 2012 and 2012 R2, Windows Server 2019, Windows Server 2022

Operating System Distribution

• Windows 7 (extended support only): 11 vulnerabilities: 0 critical and 11 important
• Windows 8.1: 14 vulnerabilities: 0 critical and 14 important
• Windows 10 version 1909: 22 vulnerabilities: 0 critical and 22 important
• Windows 10 version 2004, 20H2, 21H1 and 21H2 : 22 vulnerabilities, 0 critical and 22 important
• Windows 11: 23 vulnerabilities, 0 critical and 23 important

Windows Server products

• Windows Server 2008 R2 (extended support only): 11 vulnerabilities: 0 critical and 11 important
• Windows Server 2012 R2: 14 vulnerabilities: 0 critical and 14 important
• Windows Server 2016: 17 vulnerabilities: 0 critical and 17 important
• Windows Server 2019: 21 vulnerabilities: 0critical and 21 important
• Windows Server 2022: 22 vulnerabilities: 0 critical and 22 important

Windows Security Updates


Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB5010404
• Security-Only: KB5010422

Updates and improvements:

• Daylight saving time for Jordan updated.
• Removed "specific SHA1-signed security and non-security fixes and resigned those fixes with SHA2 in this release".
• Fixed an issue that caused the error "Error: 0x20EF The directory service encountered an unknown failure." in Lightweight Directory Access Protocol (LDAP).
• Fixed an issue in which Windows Server 2008 R2 domain controllers failed to process NTML pass-through authentication.
• Added an audit event on Active Directory domain controllers that lists clients that are not RFC-4456 compliant.

Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup: KB5010419
• Security-only: KB5010395

Updates and improvements:

• Daylight saving time for Jordan updated.
• Addressed a Windows Server issue that caused virtual machines with UEFI enabled to fail to start after installing the January 2022 updates.
• Fixed an issue that caused Windows to stop running with the error IRQL_NOT_LESS_OR_EQUAL.
• Fixed an issue that caused the error "Error: 0x20EF The directory service encountered an unknown failure." in Lightweight Directory Access Protocol (LDAP).
• Added an audit event on Active Directory domain controllers that lists clients that are not RFC-4456 compliant. (Monthly-Rollup only)

Windows 10 version 2004, 20H2, 21H1 and 21H2

• Support Page: KB5010342

Updates and improvements:

• Fixed an issue that caused the error "Error: 0x20EF The directory service encountered an unknown failure." in Lightweight Directory Access Protocol (LDAP).
• Plus the changes introduced by the preview update.

Windows 11

• Support Page: KB5010386

Updates and improvements:

• Fixed an issue that caused the error "Error: 0x20EF The directory service encountered an unknown failure." in Lightweight Directory Access Protocol (LDAP).
• Plus the changes introduced by the preview update.

Other security updates

2022-02 Security Monthly Quality Rollup for Windows Server 2008 (KB5010384)

2022-02 Security Only Quality Update for Windows Server 2008 (KB5010403)

2022-02 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5010392)

2022-02 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5010412)

2022-02 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5010354)

2022-02 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5010351)

2022-02 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5010359)

2022-02 Cumulative Update for Windwos 10 version 1507 (KB5010358)

2022-02 Cumulative Update for Windows 10 Version 1909 (KB5010345)

2022-02 Servicing Stack Update for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5010451)

2022-02 Servicing Stack Update for Windows Server 2008 (KB5010452)

Known Issues


Windows 7 SP1 and Windows Server 2008 R2

• Updates may show as failed and may be uninstalled because the machine is not on ESU.
  • Expected behavior.
• Certain operations such as rename may fail on Cluster Shared Volumes.
  • Perform the operation from a process with administrator privileges.
  • Perform the operation from a node that does not have CSV ownership.

Windows 8.1 and Server 2012 R2

• Certain operations such as rename may fail on Cluster Shared Volumes.
  • Perform the operation from a process with administrator privileges.
  • Perform the operation from a node that does not have CSV ownership.
• (NEW) Issues with apps using the " Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information". These may fail, close, or may throw errors messages such as access violation (0xc0000005).
  • Install out-of-band updates for the .NET Framework version that the app in question uses. Microsoft has links to these on the support page.

Windows 10 versions 2004, 20H2, 21H1 and 21H2

• Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
  • Workaround described on the support page.
• Some devices can't install updates after installation of KB5003690 (June 21, 2021). Error PSFX_E_MATCHING_BINARY_MISSING is displayed.
  • Workaround instructions are available here.
• Connections may fail to authentication when using smart card authentication in Remote Desktop Connections.
  • Resolved according to Microsoft, should not be experienced anymore.

Security advisories and updates


ADV 990001 -- Latest Servicing Stack Updates

Non-security updates


2022-02 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5010457)

2022-02 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5010458)

2022-02 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5010461)

2022-02 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5010462)

2022-02 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5010464)

2022-02 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5010465)

2022-02 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5010581)

2022-02 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5010582)

2022-02 Security and Quality Rollup for .NET Framework 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5010583)

2022-02 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 and 4.6.2 for Windows Server 2008 (KB5010584)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1, Windows Server, version 20H2, Windows 10 Version 20H2, Windows 10 Version 2004, Windows 10 Version 1909, Windows 10 Version 1903, Windows 10 Version 1809, and Windows 10 Version 1607 (KB5009467)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5009468)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5009469)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 (KB5009470)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5009472)

2022-02 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5010460)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 (KB5010483)

2022-02 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5010580)

Microsoft Office Updates

You find Office update information here.

How to download and install the February 2022 security updates


Security updates are distributed automatically via Windows Update. The distribution does not happen in realtime, and administrators may speed up the installation of these updates by running manual update checks or by downloading the updates from the Microsoft Update Catalog website.

Here is how you may check for updates manually:

1. Select Start, type Windows Update and load the Windows Update item that is displayed.
2. Select check for updates to run a manual check for updates.

Direct update downloads


Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2

• KB5010404 -- 2022-02 Security Monthly Quality Rollup for Windows 7
• KB5010422 -- 2022-02 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB5010419 -- 2022-02 Security Monthly Quality Rollup for Windows 8.1
• KB5010395 -- 2022-02 Security Only Quality Update for Windows 8.1

Windows 10 (version 20H2)

• KB5010342 -- 2022-02 Cumulative Update for Windows 10 Version 20H2

Windows 10 (version 21H1)

• KB5010342 -- 2022-02 Cumulative Update for Windows 10 Version 21H1

Windows 10 (version 21H2)

• KB5010342 -- 2022-02 Cumulative Update for Windows 10 Version 21H2

Windows 11

• KB5010386 -- 2022-02 Cumulative Update for Windows 11

Additional resources

• February 2022 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 11 Update History
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates February 2022 overview appeared first on gHacks Technology News.

read more...

 

Microsoft January 2022 Security Updates

January 2022 Security Updates
Updates this Month


This release consists of security updates for the following products, features and roles.

• .NET Framework
• Microsoft Dynamics
• Microsoft Edge (Chromium-based)
• Microsoft Exchange Server
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft Teams
• Microsoft Windows Codecs Library
• Open Source Software
• Role: Windows Hyper-V
• Tablet Windows User Interface
• Windows Account Control
• Windows Active Directory
• Windows AppContracts API Server
• Windows Application Model
• Windows BackupKey Remote Protocol
• Windows Bind Filter Driver
• Windows Certificates
• Windows Cleanup Manager
• Windows Clipboard User Service
• Windows Cluster Port Driver
• Windows Common Log File System Driver
• Windows Connected Devices Platform Service
• Windows Cryptographic Services
• Windows Defender
• Windows Devices Human Interface
• Windows Diagnostic Hub
• Windows DirectX
• Windows DWM Core Library
• Windows Event Tracing
• Windows Geolocation Service
• Windows HTTP Protocol Stack
• Windows IKE Extension
• Windows Installer
• Windows Kerberos
• Windows Kernel
• Windows Libarchive
• Windows Local Security Authority
• Windows Local Security Authority Subsystem Service
• Windows Modern Execution Server
• Windows Push Notifications
• Windows RDP
• Windows Remote Access Connection Manager
• Windows Remote Desktop
• Windows Remote Procedure Call Runtime
• Windows Resilient File System (ReFS)
• Windows Secure Boot
• Windows Security Center
• Windows StateRepository API
• Windows Storage
• Windows Storage Spaces Controller
• Windows System Launcher
• Windows Task Flow Data Engine
• Windows Tile Data Repository
• Windows UEFI
• Windows UI Immersive Server
• Windows User Profile Service
• Windows User-mode Driver Framework
• Windows Virtual Machine IDE Drive
• Windows Win32K
• Windows Workstation Service Remote Protocol

Please note the following information regarding the security updates:


Security Update Guide Blog Posts
Date Blog Post
January 11, 2022 Coming Soon: A Brand-New Notification System!
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Information

• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

FAQs, Mitigations, and Workarounds
The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

• CVE-2021-22947
• CVE-2021-36976
• CVE-2022-0096
• CVE-2022-0097
• CVE-2022-0098
• CVE-2022-0099
• CVE-2022-0100
• CVE-2022-0101
• CVE-2022-0102
• CVE-2022-0103
• CVE-2022-0104
• CVE-2022-0105
• CVE-2022-0106
• CVE-2022-0107
• CVE-2022-0108
• CVE-2022-0109
• CVE-2022-0110
• CVE-2022-0111
• CVE-2022-0112
• CVE-2022-0113
• CVE-2022-0114
• CVE-2022-0115
• CVE-2022-0116
• CVE-2022-0117
• CVE-2022-0118
• CVE-2022-0120
• CVE-2022-21836
• CVE-2022-21837
• CVE-2022-21838
• CVE-2022-21840
• CVE-2022-21841
• CVE-2022-21842
• CVE-2022-21843
• CVE-2022-21846
• CVE-2022-21848
• CVE-2022-21849
• CVE-2022-21850
• CVE-2022-21851
• CVE-2022-21855
• CVE-2022-21857
• CVE-2022-21876
• CVE-2022-21877
• CVE-2022-21880
• CVE-2022-21882
• CVE-2022-21883
• CVE-2022-21887
• CVE-2022-21889
• CVE-2022-21890
• CVE-2022-21892
• CVE-2022-21893
• CVE-2022-21900
• CVE-2022-21901
• CVE-2022-21904
• CVE-2022-21905
• CVE-2022-21907
• CVE-2022-21912
• CVE-2022-21914
• CVE-2022-21915
• CVE-2022-21917
• CVE-2022-21920
• CVE-2022-21922
• CVE-2022-21928
• CVE-2022-21929
• CVE-2022-21930
• CVE-2022-21931
• CVE-2022-21954
• CVE-2022-21958
• CVE-2022-21959
• CVE-2022-21960
• CVE-2022-21961
• CVE-2022-21962
• CVE-2022-21963
• CVE-2022-21964
• CVE-2022-21969
• CVE-2022-21970
• CVE-2022-22709

Known Issues
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


KB Article Applies To
5002109 SharePoint Server 2019 Core
5002111 SharePoint Server Subscription Edition Core
5002113 SharePoint Enterprise Server 2016
5002127 SharePoint Foundation 2013
5008631 Microsoft Exchange Server 2013, 2016, 2019
5009543 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
5009546 Windows 10, version 1607, Windows Server 2016
5009555 Windows Server 2022
5009557 Windows Server 2019
5009566 Windows 11
5009586 Windows Server 2012 (Monthly Rollup)
5009595 Windows 8.1, Windows Server 2012 R2 (Security-only update)
5009601 Windows Server 2008 (Security-only update)
5009610 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
5009619 Windows Server 2012 (Security-only update)
5009621 Windows 7, Windows Server 2008 R2 (Security-only update)
5009624 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
5009627 Windows Server 2008 (Monthly Rollup)
Released: Jan 11, 2022
January 2022 Security Updates - Release Notes - Security Update Guide - Microsoft

 

Microsoft Security Bulletin for February 2008 Released

As promised Microsoft today rolled out 11 security updates that patch 17 vulnerabilities in Windows, Office, Internet Explorer, Internet Information Server (IIS) and several other components and technologies. That's Microsoft's biggest patch update in a year, with six of the 11 fixes ranked as "critical" and the other five ranked "important". Check the full Microsoft Security Bulletin summary for February 2008 here or start the Automatic Update feature.

Source: Microsoft

 

Microsoft February 2019 Security Updates

Release Notes
February 2019 Security Updates
Release Date: February 12, 2019

The February security release consists of security updates for the following software:


Adobe Flash Player
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
.NET Framework
Microsoft Exchange Server
Microsoft Visual Studio
Azure IoT SDK
Microsoft Dynamics
Team Foundation Server
Visual Studio Code
Please note the following information regarding the security updates:


A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates.


ADV190003
ADV190007 *
ADV990001
CVE-2019-0540 *
CVE-2019-0600
CVE-2019-0601
CVE-2019-0602
CVE-2019-0615
CVE-2019-0616
CVE-2019-0619
CVE-2019-0621
CVE-2019-0628
CVE-2019-0635
CVE-2019-0636
CVE-2019-0643
CVE-2019-0648
CVE-2019-0658
CVE-2019-0660
CVE-2019-0661
CVE-2019-0664
CVE-2019-0669
CVE-2019-0676
CVE-2019-0686 *
CVE-2019-0724 *
CVE-2019-0741
Known Issues


4487026
4487020
4486996
4487017
4487044
4483452
4345836
4471392
4471391
4487052
https://portal.msrc.microsoft.com/en...3-000d3a33c573