Microsoft Releases June 2022 Security Updates

Scheduled updates for Microsoft products

Threat ID:: CC-4109
Threat Severity:: Information only
Published:: 15 June 2022 1:25 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled updates for Microsoft products

Affected platforms

The following platforms are known to be affected:

.NET and Visual Studio

Versions: Chromium-based

Microsoft Edge

Microsoft Office

Microsoft Office Sharepoint

Microsoft Windows Codecs Library

Microsoft SQL Server

Windows Defender

Microsoft PowerShell

The following platforms are also known to be affected:

Other products included

Azure OMI
Azure Real Time Operating System
Azure Service Fabric Container
Intel
Microsoft Office Excel
Microsoft Windows ALPC
Remote Volume Shadow Copy Service (RVSS)
Role: Windows Hyper-V
Windows Ancillary Function Driver for WinSock
Windows App Store
Windows Autopilot
Windows Container Isolation FS Filter Driver
Windows Container Manager Service
Windows Encrypting File System (EFS)
Windows File History Service
Windows Installer
Windows iSCSI
Windows Kerberos
Windows Kernel
Windows LDAP - Lightweight Directory Access Protocol
Windows Local Security Authority Subsystem Service
Windows Media
Windows Network Address Translation (NAT)
Windows Network File System
Windows SMB

Threat details

Introduction

Microsoft has released updates to address 60 vulnerabilities in Microsoft software, with 3 vulnerabilities considered critical. An unauthenticated remote attacker can exploit some of these vulnerabilities to take control of an affected system.

Known exploited vulnerability CVE-2022-30190 - "Follina"

Known exploited vulnerability CVE-2022-30190, also known as "Follina", is remediated in the June 2022 monthly rollup or as a single security only update. More information can be found in our cyber alert CC-4110 and the Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability CVE-2022-30190 page.

Threat updates

Date	Update
21 Jun 2022	Microsoft has released an OOB security update for Arm-based Windows devices Microsoft have released Out-of-Band (OOB) security updates for Arm-based Windows devices in response to issues related to signing in to Azure Active Directory (ADD), affecting other servers that use ADD such as VPN connections, Microsoft Teams, and Microsoft Outlook. Microsoft recommends installing this OOB update instead of the June 14, 2022 security update for affected devices. This update applies only to Arm-based Windows devices. Windows 11, version 21H2 Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2#2847msgdesc Cumulative update: KB5016138 Windows 10, version 21H2 Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h2#2847msgdesc Cumulative update: KB5016139 Windows 10, version 21H1: Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h1#2847msgdesc Cumulative update: KB5016139 Windows 10, version 20H2: Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-20h2#2847msgdesc Cumulative update: KB5016139

Date

Update

21 Jun 2022

Microsoft has released an OOB security update for Arm-based Windows devices

Microsoft have released Out-of-Band (OOB) security updates for Arm-based Windows devices in response to issues related to signing in to Azure Active Directory (ADD), affecting other servers that use ADD such as VPN connections, Microsoft Teams, and Microsoft Outlook. Microsoft recommends installing this OOB update instead of the June 14, 2022 security update for affected devices.

This update applies only to Arm-based Windows devices.

Windows 11, version 21H2
- Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2#2847msgdesc
- Cumulative update: KB5016138

Windows 10, version 21H2
- Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h2#2847msgdesc
- Cumulative update: KB5016139

Windows 10, version 21H1:
- Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-21h1#2847msgdesc
- Cumulative update: KB5016139

Windows 10, version 20H2:
- Known issue message: https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-20h2#2847msgdesc
- Cumulative update: KB5016139

Remediation advice

Affected organisations are encouraged to review Microsoft’s June 2022 Security Update Summary and Deployment Information and apply the relevant updates.

Definitive source of threat updates

Last edited: 21 June 2022 12:33 pm