Alert GCSA-22054 - Microsoft Security Update May 2022
******************************************************************
Alert ID: GCSA-22054
Date: 11 May 2022
Title: Microsoft Security Update May 2022
******************************************************************
:: Problem description
Microsoft has released its monthly security update for May 2022;
this release fixes 73 vulnerabilities, including 3 zero-days.
CVE-2022-26925 is being actively exploited in the wild.
Proofs of Concept (PoC) are publicly available for
CVE-2022-22713, CVE-2022-26925 and CVE-2022-29972.
Further details are available in the "References" section.
:: Affected software
.NET and Visual Studio
Microsoft Exchange Server
Microsoft Graphics Component
Microsoft Local Security Authority Server (lsasrv)
Microsoft Office
Microsoft Office Excel
Microsoft Office SharePoint
Microsoft Windows ALPC
Remote Desktop Client
Role: Windows Fax Service
Role: Windows Hyper-V
Self-hosted Integration Runtime
Tablet Windows User Interface
Visual Studio
Visual Studio Code
Windows Active Directory
Windows Address Book
Windows Authentication Methods
Windows BitLocker
Windows Cluster Shared Volume (CSV)
Windows Failover Cluster Automation Server
Windows Kerberos
Windows Kernel
Windows LDAP - Lightweight Directory Access Protocol
Windows Media
Windows Network File System
Windows NTFS
Windows Point-to-Point Tunneling Protocol
Windows Print Spooler Components
Windows Push Notifications
Windows Remote Access Connection Manager
Windows Remote Desktop
Windows Remote Procedure Call Runtime
Windows Server Service
Windows Storage Spaces Controller
Windows WLAN Auto Config Service
:: Impact
Remote execution of arbitrary code (RCE)
Denial of Service (DoS)
Elevation of Privilege (EoP)
Provide Misleading Information (spoofing)
Information Disclosure (ID)
Security restriction bypass
:: Solutions
By default, updates are installed
automatically.
To install them manually, choose
Start > Settings > Update & Security > Windows Update
Check that the latest version of the
Servicing Stack Updates is installed
https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates
Windows Update frequently asked questions
https://support.microsoft.com/en-us/help/12373/windows-update-faq
Updates are also available through the Microsoft Update Catalog
https://www.catalog.update.microsoft.com/
Users still running Windows 7, Windows Server 2008 or 2008 R2
must purchase the Extended Security Update to continue receiving updates
https://support.microsoft.com/en-hk/help/4522133/procedure-to-continue-receiving-security-updates
:: References
Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2022-May
https://msrc-blog.microsoft.com/2022/05/09/vulnerability-mitigated-in-the-third-party-data-connector-used-in-azure-synapse-pipelines-and-azure-data-factory-cve-2022-29972/
CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-mensili-microsoft-al01-220511-csirt-ita
CIS - Center for Internet Security
https://www.cisecurity.org/advisory/critical-patches-issued-for-microsoft-products-may-10-2022_2022-065
SecurityWeek
https://www.securityweek.com/patch-tuesday-microsoft-warns-new-zero-day-being-exploited
The Hacker News
https://thehackernews.com/2022/05/microsoft-releases-fix-for-new-zero-day.html
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23270
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23279
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26931
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26934
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26936
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26939
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29128
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29135
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29139
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29142
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29148
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29150
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30129
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert