Windows 10: Microsoft Windows Security Updates November 2022 overview

Microsoft released security and non-security updates for all supported client and server versions of the Windows operating system on the November 2022 Patch Tuesday. The updates are available already, and most home Windows devices should receive the updates automatically starting today.



The following guide helps home users and system administrators alike when it comes to updating systems. It includes information on the released updates, links to official Microsoft support pages and manual downloads, a fully updated list of known issues for each client version of Windows, links to all other security updates and non-security updates Microsoft released, and more.,

Tip: check out our overview of the October 2022 Patch Day here.

Microsoft Windows Security Updates: November 2022


The following Excel spreadsheet includes the released security updates for Windows and other company products. Just download it with a click on the following link: security-updates-windows-november-2022

Executive Summary

• Windows 10 version 22H2, aka the Windows 10 2022 Update, was released this month.
• There won't be a preview update for the month of December 2022.
• Microsoft released security updates for all supported client and server versions of Windows.
• Microsoft released security updates for other company products, including .NET Framework, Azure, Microsoft Dynamics, Microsoft Office, SysInternals, Visual Studio.
• The following client versions of Windows have known issues: Windows 7, Windows 8.1, Windows 10 version 21H2, Windows 11 version 22H2
• The following server versions of Windows have known issues: Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Server 2019

Operating System Distribution

• Windows 7 (extended support only): 21 vulnerabilities: 4 critical and 17 important
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41044
• Windows 8.1: 23 vulnerabilities: 4 critical and 19 important
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41088
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039
• Windows 10 version 21H1, 21H2 and 22H2: 37 vulnerabilities, 5 critical and 32 important
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41088
  • Windows Hyper-V Denial of Service Vulnerability -- CVE-2022-38015
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118
• Windows 11 and Windows 11 version 22H2: 35 vulnerabilities, 5 critical and 30 important
  • same as Windows 10

Windows Server products

• Windows Server 2008 R2 (extended support only): 24 vulnerabilities: 6 critical and 18 important
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039
  • Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability -- CVE-2022-37966
  • Windows Kerberos Elevation of Privilege Vulnerability -- CVE-2022-37967
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41044
• Windows Server 2012 R2: 26 vulnerabilities: 6 critical and 20 important
  • same as Windows Server 2008 R2.
• Windows Server 2016: 34 vulnerabilities: 7 critical and 27 important
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41039
  • Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability -- CVE-2022-41088
  • Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability -- CVE-2022-37966
  • Windows Hyper-V Denial of Service Vulnerability -- CVE-2022-38015
  • Windows Kerberos Elevation of Privilege Vulnerability -- CVE-2022-37967
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41128
  • Windows Scripting Languages Remote Code Execution Vulnerability -- CVE-2022-41118
• Windows Server 2019: 37 vulnerabilities: 7 critical and 30 important
  • same as Windows Server 2016
• Windows Server 2022: 39 vulnerabilities: 10 critical and 56 important
  • same as Windows Server 2016

Windows Security Updates


Windows 7 SP1 and Windows Server 2008 R2

• Monthly Rollup: KB5020000
• Security-Only: KB5020013

Updates and improvements:

• Daylight saving time for Jordan updated.
• Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.
• Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. (Monthly-Security only)
• Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).” (Monthly-Security only)
• Security updates.

Windows 8.1 and Windows Server 2012 R2

• Monthly Rollup: KB5020023
• Security-only: KB5020010

Updates and improvements:

• Daylight saving time for Jordan updated.
• Addresses a Distributed Component Object Model (DCOM) authentication hardening issue to automatically raise authentication level for all non-anonymous activation requests from DCOM clients. This will occur if the authentication level is less than RPC_C_AUTHN_LEVEL_PKT_INTEGRITY. (Monthly-Security only)
• Addresses an issue where Microsoft Azure Active Directory (AAD) Application Proxy Connector cannot retrieve a Kerberos ticket on behalf of the user because of the following general API error: “The handle specified is invalid (0x80090301).” (Monthly-Security only)
• Addresses an issue where, after installing the January 11, 2022 or later update, the Forest Trust creation process fails to populate the DNS name suffixes into the trust information attributes.
• Addresses an issue where the Microsoft Visual C++ Redistributable Runtime does not load into the Local Security Authority Server Service (LSASS) when Protected Process Light (PPL) is enabled. (Monthly-Security only)
• Security updates

Windows 10 version 21H1m 21H2 and 22H2

• Support Page: KB5019959

Updates and improvements:

• Security updates
• Changes of the preview updates, released under KB5020953

Windows 11 Release version

• Support Page: KB5019961

Updates and improvements:

• Security updates
• Changes of the preview updates, released under KB5018483

Windows 11 version 22H2

• Support Page: KB5019980

Updates and improvements:

• Addresses an issue in File Explorer, which fails to localize folders.
• Security updates.
• Changes of the preview update, released under Kb5018496.

Other security updates

KB5019958: Cumulative security update for Internet Explorer: November 8, 2022

2022-11 Cumulative Update for Windows 10 Version 1507 (KB5019970)

2022-11 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5019964)

2022-11 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5019966)

2022-11 Cumulative Update for Windows 10 Version 21H1, Windows 10 Version 20H2 (KB5019959)

Server updates

2022-11 Security Only Quality Update for Windows Server 2008 (KB5020005)

2022-11 Security Monthly Quality Rollup for Windows Server 2008 (KB5020019)

2022-11 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5020009)

.NET Framework

2022-11 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020606)

2022-11 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020608)

2022-11 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020609)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020610)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5020611)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5020612)

2022-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020618)

2022-11 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020620)

2022-11 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020621)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020628)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5020629)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5020630)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020678)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020679)

2022-11 Security Only Update for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020680)

2022-11 Security Only Update for .NET Framework 4.6.2 for Windows Server 2008 (KB5020681)

2022-11 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5020688)

2022-11 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5020689)

2022-11 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5020690)

2022-11 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 (KB5020691)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1, Windows 10 Version 20H2,Windows 10 Version 1809, and Windows 10 Version 1607 (KB5020613)

2022-11 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5020614)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5020615)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5020617)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5020619)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5020622)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H1, Windows 10 Version 20H2 (KB5020623)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 (KB5020624)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5020627)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5020632)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server, version 21H1, Windows 10 Version 21H1, Windows Server, version 20H2, Windows 10 Version 20H2 (KB5020676)

2022-11 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5020685)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 20H2 (KB5020686)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 (KB5020687)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5020692)

2022-11 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system, version 22H2 for x64 (KB5020693)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 (KB5020694)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 (KB5020695)

2022-11 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H1 (KB5020801)

Known Issues


Windows 7 SP1 and Windows Server 2008 R2

• (New) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs.
  • Microsoft released guidance on the issue here.
• (Old) Updates may show as failed and may be uninstalled because the machine is not on ESU.
  • Expected behaviour.
• (Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes.
  • To mitigate the issue, one of the following needs to be done:
    • Clear the "Run in logged-on user's security context (user policy option)" check box.
    • In the affected Group Policy, change "Action" from "Replace" to "Update".
    • If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.

Windows 8.1 and Windows Server 2012 R2

• (New) After this update or a later Windows update is installed, domain join operations might be unsuccessful and error "0xaac (2732): NERR_AccountReuseBlockedByPolicy" occurs.
  • Microsoft released guidance on the issue here.
• (Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes.
  • To mitigate the issue, one of the following needs to be done:
    • Clear the "Run in logged-on user's security context (user policy option)" check box.
    • In the affected Group Policy, change "Action" from "Replace" to "Update".
    • If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.

Windows 10 versions 21H1, 21H2 and 22H2

• (Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes.
  • To mitigate the issue, one of the following needs to be done:
    • Clear the "Run in logged-on user's security context (user policy option)" check box.
    • In the affected Group Policy, change "Action" from "Replace" to "Update".
    • If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.
• (New, again) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
  • Workaround described on the support page.

Windows 11

• (New) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
  • Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
• (New) Copying large files (multiple gigabytes) may take longer than expected.
  • Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.
• (Fixed) File copies which use Group Policy Preferences might fail or might create empty shortcuts or files that have 0 (zero) bytes.
  • To mitigate the issue, one of the following needs to be done:
    • Clear the "Run in logged-on user's security context (user policy option)" check box.
    • In the affected Group Policy, change "Action" from "Replace" to "Update".
    • If a wildcard (*) is used in the location or destination, deleting the trailing "\" (backslash, without quotation marks) from the destination might allow the copy to be successful.

Windows 11 version 22H2

• (Old) Provisioning packages may not work as expected. Windows may only be configured partially and the " Out Of Box Experience might not finish or might restart unexpectedly".
  • Provisioning the Windows device before upgrading to Windows 11 version 22H2 fixes the issue.
• (Old) Copying large files (multiple gigabytes) may take longer than expected.
  • Use the commands robocopy \\someserver\someshare c:\somefolder somefile.img /J or xcopy \\someserver\someshare c:\somefolder /J until fixed.

Security advisories and updates


ADV 990001 -- Latest Servicing Stack Updates

Non-security updates


Microsoft Office Updates

You find Office update information here.

How to download and install the November 2022 security updates


Most home systems will receive the updates automatically, thanks to Windows Update. Administrators have options to download updates manually, and to run manual checks for updates to install the updates as early as possible.

Note that it is recommended to create a system backup before installing any updates for Windows. A system backup gives you an option to restore a previous version.


Do the following to run a manual check for updates:

1. Select Start, type Windows Update and load the Windows Update item that is displayed.
2. Select check for updates to run a manual check for updates.

Direct update downloads


Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2

• KB5020000 -- 2022-11 Security Monthly Quality Rollup for Windows 7
• KB5020013 -- 2022-11 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2

• KB5020023 -- 2022-11 Security Monthly Quality Rollup for Windows 8.1
• KB5020010 -- 2022-11 Security Only Quality Update for Windows 8.1

Windows 10 version 21H1

• 
  KB5019959 -- 2022-11 Cumulative Update for Windows 10 Version 21H1
  

Windows 10 Version 21H2

• KB5019959 - 2022-11 Cumulative Update for Windows 10 Version 21H2

Windows 10 version 22H2

• KB5019959 -- 2022-11 Cumulative Update for Windows 10 Version 21H2

Windows 11 Release version

• KB5019961 -- 2022-11 Cumulative Update for Windows 11

Windows 11 version 22H2

• KB5019980 -- 2022-11 Cumulative Update for Windows 11 version 22H2

Additional resources

• November 2022 Security Updates release notes
• List of software updates for Microsoft products
• List of the latest Windows Updates and Services Packs
• Security Updates Guide
• Microsoft Update Catalog site
• Our in-depth Windows update guide
• How to install optional updates on Windows 10
• Windows 11 Update History
• Windows 10 Update History
• Windows 8.1 Update History
• Windows 7 Update History

Thank you for being a Ghacks reader. The post Microsoft Windows Security Updates November 2022 overview appeared first on gHacks Technology News.

read more...

 

Microsoft June 2022 Security Updates

June 2022 Security Updates
Updates this Month


This release consists of security updates for the following products, features and roles.

• .NET and Visual Studio
  
• Azure OMI
  
• Azure Real Time Operating System
  
• Azure Service Fabric Container
  
• Intel
  
• Microsoft Edge (Chromium-based)
  
• Microsoft Office
  
• Microsoft Office Excel
  
• Microsoft Office SharePoint
  
• Microsoft Windows ALPC
  
• Microsoft Windows Codecs Library
  
• Remote Volume Shadow Copy Service (RVSS)
  
• Role: Windows Hyper-V
  
• SQL Server
  
• Windows Ancillary Function Driver for WinSock
  
• Windows App Store
  
• Windows Autopilot
  
• Windows Container Isolation FS Filter Driver
  
• Windows Container Manager Service
  
• Windows Defender
  
• Windows Encrypting File System (EFS)
  
• Windows File History Service
  
• Windows Installer
  
• Windows iSCSI
  
• Windows Kerberos
  
• Windows Kernel
  
• Windows LDAP - Lightweight Directory Access Protocol
  
• Windows Local Security Authority Subsystem Service
  
• Windows Media
  
• Windows Network Address Translation (NAT)
  
• Windows Network File System
  
• Windows PowerShell
  
• Windows SMB

Please note the following information regarding the security updates:


Security Update Guide Blog Posts

Date Blog Post

January 11, 2022 Coming Soon: New Security Update Guide Notification System

February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

December 8, 2020 Security Update Guide: Let’s keep the conversation going

November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Information

• The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
  
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

FAQs, Mitigations, and Workarounds

The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

• CVE-2022-2007
  
• CVE-2022-2008
  
• CVE-2022-2010
  
• CVE-2022-2011
  
• CVE-2022-21123
  
• CVE-2022-21125
  
• CVE-2022-21127
  
• CVE-2022-21166
  
• CVE-2022-22018
  
• CVE-2022-22021
  
• CVE-2022-29111
  
• CVE-2022-29119
  
• CVE-2022-29143
  
• CVE-2022-29149
  
• CVE-2022-30136
  
• CVE-2022-30137
  
• CVE-2022-30139
  
• CVE-2022-30140
  
• CVE-2022-30141
  
• CVE-2022-30142
  
• CVE-2022-30143
  
• CVE-2022-30145
  
• CVE-2022-30146
  
• CVE-2022-30148
  
• CVE-2022-30149
  
• CVE-2022-30150
  
• CVE-2022-30151
  
• CVE-2022-30153
  
• CVE-2022-30154
  
• CVE-2022-30155
  
• CVE-2022-30157
  
• CVE-2022-30158
  
• CVE-2022-30159
  
• CVE-2022-30161
  
• CVE-2022-30162
  
• CVE-2022-30163
  
• CVE-2022-30164
  
• CVE-2022-30165
  
• CVE-2022-30167
  
• CVE-2022-30168
  
• CVE-2022-30171
  
• CVE-2022-30172
  
• CVE-2022-30173
  
• CVE-2022-30174
  
• CVE-2022-30177
  
• CVE-2022-30178
  
• CVE-2022-30179
  
• CVE-2022-30180
  
• CVE-2022-30184
  
• CVE-2022-30188
  
• CVE-2022-30189
  
• CVE-2022-30193
  
• CVE-2022-32230

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


KB Article Applies To

5002219 SharePoint Foundation 2013

5014692 Windows Server 2019

5014697 Windows 11

5014699 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2

5014738 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

5014741 Windows Server 2012 (Security-only update)

5014742 Windows 7, Windows Server 2008 R2 (Security-only update)

5014743 Windows Server 2008 (Security-only update)

5014746 Windows 8.1, Windows Server 2012 R2 (Security-only update)

5014747 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

5014748 Windows 7, Windows Server 2008 R2 (Monthly Rollup)

5014752 Windows Server 2008 (Monthly Rollup)

Released: Jun 14, 2022

June 2022 Security Updates - Release Notes - Security Update Guide - Microsoft

 

Microsoft January 2022 Security Updates

January 2022 Security Updates
Updates this Month


This release consists of security updates for the following products, features and roles.

• .NET Framework
• Microsoft Dynamics
• Microsoft Edge (Chromium-based)
• Microsoft Exchange Server
• Microsoft Graphics Component
• Microsoft Office
• Microsoft Office Excel
• Microsoft Office SharePoint
• Microsoft Office Word
• Microsoft Teams
• Microsoft Windows Codecs Library
• Open Source Software
• Role: Windows Hyper-V
• Tablet Windows User Interface
• Windows Account Control
• Windows Active Directory
• Windows AppContracts API Server
• Windows Application Model
• Windows BackupKey Remote Protocol
• Windows Bind Filter Driver
• Windows Certificates
• Windows Cleanup Manager
• Windows Clipboard User Service
• Windows Cluster Port Driver
• Windows Common Log File System Driver
• Windows Connected Devices Platform Service
• Windows Cryptographic Services
• Windows Defender
• Windows Devices Human Interface
• Windows Diagnostic Hub
• Windows DirectX
• Windows DWM Core Library
• Windows Event Tracing
• Windows Geolocation Service
• Windows HTTP Protocol Stack
• Windows IKE Extension
• Windows Installer
• Windows Kerberos
• Windows Kernel
• Windows Libarchive
• Windows Local Security Authority
• Windows Local Security Authority Subsystem Service
• Windows Modern Execution Server
• Windows Push Notifications
• Windows RDP
• Windows Remote Access Connection Manager
• Windows Remote Desktop
• Windows Remote Procedure Call Runtime
• Windows Resilient File System (ReFS)
• Windows Secure Boot
• Windows Security Center
• Windows StateRepository API
• Windows Storage
• Windows Storage Spaces Controller
• Windows System Launcher
• Windows Task Flow Data Engine
• Windows Tile Data Repository
• Windows UEFI
• Windows UI Immersive Server
• Windows User Profile Service
• Windows User-mode Driver Framework
• Windows Virtual Machine IDE Drive
• Windows Win32K
• Windows Workstation Service Remote Protocol

Please note the following information regarding the security updates:


Security Update Guide Blog Posts
Date Blog Post
January 11, 2022 Coming Soon: A Brand-New Notification System!
February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020 Security Update Guide: Let’s keep the conversation going
November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide
Relevant Information

• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

FAQs, Mitigations, and Workarounds
The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

• CVE-2021-22947
• CVE-2021-36976
• CVE-2022-0096
• CVE-2022-0097
• CVE-2022-0098
• CVE-2022-0099
• CVE-2022-0100
• CVE-2022-0101
• CVE-2022-0102
• CVE-2022-0103
• CVE-2022-0104
• CVE-2022-0105
• CVE-2022-0106
• CVE-2022-0107
• CVE-2022-0108
• CVE-2022-0109
• CVE-2022-0110
• CVE-2022-0111
• CVE-2022-0112
• CVE-2022-0113
• CVE-2022-0114
• CVE-2022-0115
• CVE-2022-0116
• CVE-2022-0117
• CVE-2022-0118
• CVE-2022-0120
• CVE-2022-21836
• CVE-2022-21837
• CVE-2022-21838
• CVE-2022-21840
• CVE-2022-21841
• CVE-2022-21842
• CVE-2022-21843
• CVE-2022-21846
• CVE-2022-21848
• CVE-2022-21849
• CVE-2022-21850
• CVE-2022-21851
• CVE-2022-21855
• CVE-2022-21857
• CVE-2022-21876
• CVE-2022-21877
• CVE-2022-21880
• CVE-2022-21882
• CVE-2022-21883
• CVE-2022-21887
• CVE-2022-21889
• CVE-2022-21890
• CVE-2022-21892
• CVE-2022-21893
• CVE-2022-21900
• CVE-2022-21901
• CVE-2022-21904
• CVE-2022-21905
• CVE-2022-21907
• CVE-2022-21912
• CVE-2022-21914
• CVE-2022-21915
• CVE-2022-21917
• CVE-2022-21920
• CVE-2022-21922
• CVE-2022-21928
• CVE-2022-21929
• CVE-2022-21930
• CVE-2022-21931
• CVE-2022-21954
• CVE-2022-21958
• CVE-2022-21959
• CVE-2022-21960
• CVE-2022-21961
• CVE-2022-21962
• CVE-2022-21963
• CVE-2022-21964
• CVE-2022-21969
• CVE-2022-21970
• CVE-2022-22709

Known Issues
You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


KB Article Applies To
5002109 SharePoint Server 2019 Core
5002111 SharePoint Server Subscription Edition Core
5002113 SharePoint Enterprise Server 2016
5002127 SharePoint Foundation 2013
5008631 Microsoft Exchange Server 2013, 2016, 2019
5009543 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
5009546 Windows 10, version 1607, Windows Server 2016
5009555 Windows Server 2022
5009557 Windows Server 2019
5009566 Windows 11
5009586 Windows Server 2012 (Monthly Rollup)
5009595 Windows 8.1, Windows Server 2012 R2 (Security-only update)
5009601 Windows Server 2008 (Security-only update)
5009610 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
5009619 Windows Server 2012 (Security-only update)
5009621 Windows 7, Windows Server 2008 R2 (Security-only update)
5009624 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
5009627 Windows Server 2008 (Monthly Rollup)
Released: Jan 11, 2022
January 2022 Security Updates - Release Notes - Security Update Guide - Microsoft

 

Microsoft July 2022 Security Updates

July 2022 Security Updates
Updates this Month


This release consists of security updates for the following products, features and roles.

• AMD CPU Branch
  
• Azure Site Recovery
  
• Azure Storage Library
  
• Microsoft Defender for Endpoint
  
• Microsoft Edge (Chromium-based)
  
• Microsoft Graphics Component
  
• Microsoft Office
  
• Open Source Software
  
• Role: DNS Server
  
• Role: Windows Fax Service
  
• Role: Windows Hyper-V
  
• Skype for Business and Microsoft Lync
  
• Windows Active Directory
  
• Windows Advanced Local Procedure Call
  
• Windows BitLocker
  
• Windows Boot Manager
  
• Windows Client/Server Runtime Subsystem
  
• Windows Connected Devices Platform Service
  
• Windows Credential Guard
  
• Windows Fast FAT Driver
  
• Windows Fax and Scan Service
  
• Windows Group Policy
  
• Windows IIS
  
• Windows Kernel
  
• Windows Media
  
• Windows Network File System
  
• Windows Performance Counters
  
• Windows Point-to-Point Tunneling Protocol
  
• Windows Portable Device Enumerator Service
  
• Windows Print Spooler Components
  
• Windows Remote Procedure Call Runtime
  
• Windows Security Account Manager
  
• Windows Server Service
  
• Windows Shell
  
• Windows Storage
  
• XBox

Please note the following information regarding the security updates:


Security Update Guide Blog Posts

Date Blog Post

January 11, 2022 Coming Soon: New Security Update Guide Notification System

February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

December 8, 2020 Security Update Guide: Let’s keep the conversation going

November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Information

• The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
  
• Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
  
• Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
  
• A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
  
• In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
  
• Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

FAQs, Mitigations, and Workarounds

The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

• CVE-2022-21845
  
• CVE-2022-22022
  
• CVE-2022-22023
  
• CVE-2022-22024
  
• CVE-2022-22026
  
• CVE-2022-22027
  
• CVE-2022-22028
  
• CVE-2022-22029
  
• CVE-2022-22031
  
• CVE-2022-22034
  
• CVE-2022-22036
  
• CVE-2022-22037
  
• CVE-2022-22038
  
• CVE-2022-22039
  
• CVE-2022-22040
  
• CVE-2022-22041
  
• CVE-2022-22042
  
• CVE-2022-22043
  
• CVE-2022-22045
  
• CVE-2022-22047
  
• CVE-2022-22048
  
• CVE-2022-22049
  
• CVE-2022-22050
  
• CVE-2022-22711
  
• CVE-2022-2294
  
• CVE-2022-2295
  
• CVE-2022-23816
  
• CVE-2022-23825
  
• CVE-2022-27776
  
• CVE-2022-30181
  
• CVE-2022-30187
  
• CVE-2022-30202
  
• CVE-2022-30203
  
• CVE-2022-30205
  
• CVE-2022-30206
  
• CVE-2022-30209
  
• CVE-2022-30211
  
• CVE-2022-30212
  
• CVE-2022-30213
  
• CVE-2022-30214
  
• CVE-2022-30215
  
• CVE-2022-30216
  
• CVE-2022-30220
  
• CVE-2022-30221
  
• CVE-2022-30222
  
• CVE-2022-30223
  
• CVE-2022-30224
  
• CVE-2022-30225
  
• CVE-2022-30226
  
• CVE-2022-33632
  
• CVE-2022-33633
  
• CVE-2022-33637
  
• CVE-2022-33641
  
• CVE-2022-33642
  
• CVE-2022-33643
  
• CVE-2022-33644
  
• CVE-2022-33650
  
• CVE-2022-33651
  
• CVE-2022-33652
  
• CVE-2022-33653
  
• CVE-2022-33654
  
• CVE-2022-33655
  
• CVE-2022-33656
  
• CVE-2022-33657
  
• CVE-2022-33658
  
• CVE-2022-33659
  
• CVE-2022-33660
  
• CVE-2022-33661
  
• CVE-2022-33662
  
• CVE-2022-33663
  
• CVE-2022-33664
  
• CVE-2022-33665
  
• CVE-2022-33666
  
• CVE-2022-33667
  
• CVE-2022-33668
  
• CVE-2022-33669
  
• CVE-2022-33671
  
• CVE-2022-33672
  
• CVE-2022-33673
  
• CVE-2022-33674
  
• CVE-2022-33675
  
• CVE-2022-33676
  
• CVE-2022-33677
  
• CVE-2022-33678

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


KB Article Applies To

5015807 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2

5015811 Windows 10, version 1809, Windows Server 2019

5015814 Windows 11

5015827 Windows Server 2022

5015861 Windows 7, Windows Server 2008 R2 (Monthly Rollup)

5015862 Windows 7, Windows Server 2008 R2 (Security-only update)

5015863 Windows Server 2012 (Monthly Rollup)

5015866 Windows Server 2008 (Monthly Rollup)

5015870 Windows Server 2008 (Security-only update)

5015874 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

5015875 Windows Server 2012 (Security-only update)

5015877 Windows 8.1, Windows Server 2012 R2 (Security-only update)

Released: 12 Jul 2022

July 2022 Security Updates - Release Notes - Security Update Guide - Microsoft