Skip to main content

Microsoft Releases June 2022 Security Updates

Scheduled updates for Microsoft products

Threat ID:
CC-4109
Threat Severity:
Information only
Published:
15 June 2022 1:25 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled updates for Microsoft products

The following platforms are also known to be affected:

Other products included

  • Azure OMI
  • Azure Real Time Operating System
  • Azure Service Fabric Container
  • Intel
  • Microsoft Office Excel
  • Microsoft Windows ALPC
  • Remote Volume Shadow Copy Service (RVSS)
  • Role: Windows Hyper-V
  • Windows Ancillary Function Driver for WinSock
  • Windows App Store
  • Windows Autopilot
  • Windows Container Isolation FS Filter Driver
  • Windows Container Manager Service
  • Windows Encrypting File System (EFS)
  • Windows File History Service
  • Windows Installer
  • Windows iSCSI
  • Windows Kerberos
  • Windows Kernel
  • Windows LDAP - Lightweight Directory Access Protocol
  • Windows Local Security Authority Subsystem Service
  • Windows Media
  • Windows Network Address Translation (NAT)
  • Windows Network File System
  • Windows SMB

Threat details

Introduction

Microsoft has released updates to address 60 vulnerabilities in Microsoft software, with 3 vulnerabilities considered critical. An unauthenticated remote attacker can exploit some of these vulnerabilities to take control of an affected system.

Known exploited vulnerability CVE-2022-30190 - "Follina"

Known exploited vulnerability CVE-2022-30190, also known as "Follina", is remediated in the June 2022 monthly rollup or as a single security only update.  More information can be found in our cyber alert CC-4110 and the Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability CVE-2022-30190 page.

Threat updates

Date Update
21 Jun 2022 Microsoft has released an OOB security update for Arm-based Windows devices

Microsoft have released Out-of-Band (OOB) security updates for Arm-based Windows devices in response to issues related to signing in to Azure Active Directory (ADD), affecting other servers that use ADD such as VPN connections, Microsoft Teams, and Microsoft Outlook. Microsoft recommends installing this OOB update instead of the June 14, 2022 security update for affected devices.

This update applies only to Arm-based Windows devices.

 

 

 

Remediation advice

Affected organisations are encouraged to review Microsoft’s June 2022 Security Update Summary and Deployment Information and apply the relevant updates.

Last edited: 21 June 2022 12:33 pm