Alert GCSA-22087 - Microsoft Security Update Agosto 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256





******************************************************************

Alert ID: GCSA-22087
Data: 10 Agosto 2022
Titolo: Microsoft Security Update Agosto 2022

******************************************************************


:: Descrizione del problema

Microsoft ha rilasciato il security update mensile per Agosto 2022,
questa versione risolve 121 vulnerabilita', delle quali due zero-day.

Maggiori dettagli sono disponibili alla sezione "Riferimenti".


:: Software interessato

.NET Core
Active Directory Domain Services
Azure Batch Node Agent
Azure Real Time Operating System
Azure Site Recovery
Azure Sphere
Microsoft ATA Port Driver
Microsoft Bluetooth Driver
Microsoft Edge (Chromium-based)
Microsoft Exchange Server
Microsoft Office
Microsoft Office Excel
Microsoft Office Outlook
Microsoft Windows Support Diagnostic Tool (MSDT)
Remote Access Service Point-to-Point Tunneling Protocol
Role: Windows Fax Service
Role: Windows Hyper-V
System Center Operations Manager
Visual Studio
Windows Bluetooth Service
Windows Canonical Display Driver
Windows Cloud Files Mini Filter Driver
Windows Defender Credential Guard
Windows Digital Media
Windows Error Reporting
Windows Hello
Windows Internet Information Services
Windows Kerberos
Windows Kernel
Windows Local Security Authority (LSA)
Windows Network File System
Windows Partition Management Driver
Windows Point-to-Point Tunneling Protocol
Windows Print Spooler Components
Windows Secure Boot
Windows Secure Socket Tunneling Protocol (SSTP)
Windows Storage Spaces Direct
Windows Unified Write Filter
Windows WebBrowser Control
Windows Win32K


:: Impatto

Esecuzione remota di codice arbitrario (RCE)
Denial of Service (DoS)
Acquisizione di privilegi piu' elevati (EoP)
Information Disclosure (ID)
Bypass restrizioni di sicurezza


:: Soluzioni

Per default l'installazione degli aggiornamenti
avviene in maniera automatica.

Per installare manualmente scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update

Verificare di aver installato la versione piu' recente del
Servicing Stack Updates
https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates

Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq

Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/

Gli utenti che utilizzano ancora Windows 7, Windows Server 2008 o 2008 R2
devono acquistare l'Extended Security Update per continuare a ricevere gli aggiornamenti
https://support.microsoft.com/en-hk/help/4522133/procedure-to-continue-receiving-security-updates


:: Riferimenti

Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2022-Aug
https://msrc.microsoft.com/update-guide/deployments

CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-mensili-microsoft-al04-220810-csirt-ita

US-CERT
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/09/microsoft-releases-august-2022-security-updates

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21980
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24516
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30175
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33631
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33646
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33670
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34302
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34303
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34685
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34686
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34687
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34699
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34701
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34702
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34703
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34706
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34707
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34710
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34714
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35766
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35771
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35774
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35776
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35785
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35787
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35804
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35812
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35818
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35820
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35821
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35827




GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEAREIAAYFAmLzl88ACgkQwZxMk2USYELBywCeLWZi7OKT/YBnjd1ZJA9rgbfN
lTsAn0xBynCAq8cHXjqa3sAb4WJhjUrV
=Y5V+
-----END PGP SIGNATURE-----