Successfully reported this slideshow.
Your SlideShare is downloading. ×

January 2022 patch tuesday

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
2022 February Patch Tuesday
2022 February Patch Tuesday
Loading in …3
×

Check these out next

1 of 52 Ad

January 2022 patch tuesday

Download to read offline

Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.

Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.

Advertisement
Advertisement

More Related Content

Advertisement
Advertisement

January 2022 patch tuesday

  1. 1. Patch Tuesday Webinar Wednesday, January 12, 2022 Hosted by Chris Goettl and Todd Schell
  2. 2. Agenda January 2022 Patch Tuesday Overview In the News Bulletins and Releases Between Patch Tuesdays Q & A
  3. 3. Overview
  4. 4. Copyright © 2022 Ivanti. All rights reserved. January Patch Tuesday 2022 January 2022 Patch Tuesday has a healthy lineup of issues to investigate this month including Log4j cleanup activities continuing in many organizations, a script to fix a date value limitation in on-premises Microsoft Exchange Transport service that caused email to become stuck for many organizations, and security updates from Microsoft, Adobe, Mozilla and Oracle (releasing on January 18, 2022). Check out our blog post for the latest update on Log4j and where to find the details on the Exchange fix as well!
  5. 5. In the News
  6. 6. Copyright © 2022 Ivanti. All rights reserved. Log4j Guidance Update:  Apache Log4j Java Library Vulnerabilities  Latest Guidance  CISA https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance  CIS https://www.cisecurity.org/log4j-zero-day-vulnerability-response/  Latest update from Apache:https://logging.apache.org/log4j/2.x/security.html  Fixed in Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6)
  7. 7. Copyright © 2022 Ivanti. All rights reserved. Log4j Guidance Update:  Organizations: Determine whether your products with Log4j are vulnerable  Consult vulnerable apps lists: https://github.com/cisagov/log4j-affected-db  Run Log4j scanner (in addition to existing vulnerability scanners): https://github.com/CERTCC/CVE-2021- 44228_scanner  Vendors and DevSecOps:  Review Apache Log4j security vulnerabilities page (ISA urges users and administrators to upgrade to Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6))  Provide mitigation steps for current exposed product versions  Provide update guidance to patch or upgrade Log4j to recommended versions
  8. 8. Copyright © 2022 Ivanti. All rights reserved. Exchange NYE Surprise!  Email Stuck in Exchange On-premises Transport Queues  Initial guidance was to disable antimalware scanning and restart transport service (this was to get email flowing while a proper fix was identified, but not recommended long term)  Updated guidance provides an automated or manual option to resolve the date check failure  https://techcommunity.microsoft.com/t5/exchange-team- blog/email-stuck-in-exchange-on-premises-transport- queues/ba-p/3049447  Run automated script or follow the manual steps to update the engine version
  9. 9. Copyright © 2022 Ivanti. All rights reserved. Publicly Disclosed Vulnerabilities  CVE-2021-22947 Open Source Curl Remote Code Execution Vulnerability  CVSS 3.1 Scores: Not assigned  Severity: Critical  Impacts Windows 10 1809+, Server 2019+, and Windows 11  CVE-2021-36976 Libarchive Remote Code Execution Vulnerability  CVSS 3.1 Scores: Not assigned  Severity: Important  Impacts Windows 10 1809+, Server 2019+, and Windows 11
  10. 10. Copyright © 2022 Ivanti. All rights reserved. Publicly Disclosed Vulnerabilities (cont)  CVE-2022-21836 Windows Certificate Spoofing Vulnerability  CVSS 3.1 Scores: 7.8 / 7.0  Severity: Important  Impacts all Windows workstation and server operating systems.  CVE-2022-21839 Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability  CVSS 3.1 Scores: 6.1 / 5.5  Severity: Important  Windows 10 version 1809 and Server 2019
  11. 11. Copyright © 2022 Ivanti. All rights reserved. Publicly Disclosed Vulnerabilities (cont)  CVE-2022-21874 Windows Security Center API Remote Code Execution Vulnerability  CVSS 3.1 Scores: 7.8 / 6.8  Severity: Important  Impacts all Windows 10 workstations and servers, and Windows 11.  CVE-2022-21919 Windows User Profile Service Elevation of Privilege Vulnerability  CVSS 3.1 Scores: 7.0 / 6.3  Severity: Important  Impacts all Windows workstation and server operating systems.
  12. 12. Copyright © 2022 Ivanti. All rights reserved. Microsoft Patch Tuesday Updates of Interest  No Servicing Stack Updates (SSUs) this month  Year 2 Extended Security Support (ESU)  Windows 7 and Server 2008/2008 R2  Ended this Patch Tuesday  Final Year? – 1/12/22 through 1/10/23  Oracle Critical Patch Update (CPU)  Next week - 1/18  https://www.oracle.com/security-alerts/
  13. 13. Copyright © 2022 Ivanti. All rights reserved. Windows 10 and 11 Lifecycle Awareness Windows 10 Enterprise and Education Version Release Date End of Support Date 21H2 11/16/2021 6/11/2024 21H1 5/18/2021 12/13/2022 20H2 10/20/2020 5/9/2023 Windows 10 Home and Pro Version Release Date End of Support Date 21H2 11/16/2021 6/13/2023 21H1 5/18/2021 12/13/2022 20H2 10/20/2020 5/10/2022 Windows Datacenter and Standard Server Version Release Date End of Support Date 2022 8/18/2021 10/13/2026 20H2 10/20/2020 5/10/2022 Windows 11 Home and Pro Version Release Date End of Support Date 21H2 10/4/2021 10/10/2023  Lifecycle Fact Sheet  https://docs.microsoft.com/en-us/lifecycle/faq/windows
  14. 14. Copyright © 2022 Ivanti. All rights reserved. Server 2012/2012 R2 EOL is Coming  Lifecycle Fact Sheet  https://docs.microsoft.com/en-us/lifecycle/products/windows-server-2012-r2
  15. 15. Copyright © 2022 Ivanti. All rights reserved. Patch Content Announcements  Announcements Posted on Community Forum Pages  https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2  Subscribe to receive email for the desired product(s) New! New!
  16. 16. Bulletins and Releases
  17. 17. Copyright © 2022 Ivanti. All rights reserved. APSB22-01: Security Update for Adobe Acrobat and Reader  Maximum Severity: Critical  Affected Products: Adobe Acrobat and Reader (all current versions)  Description: Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical, important and moderate vulnerabilities. Of the 26 reported vulnerabilities, 16 are rated Critical. See https://helpx.adobe.com/security/products/acrobat/apsb22-01.html for complete details.  Impact: Remote Code Execution, Security Feature Bypass, Elevation of Privilege, Denial of Service, and Information Disclosure  Fixes 26 Vulnerabilities: See link to Adobe bulletin  Restart Required: Requires application restart
  18. 18. Copyright © 2022 Ivanti. All rights reserved. MFSA-2022-01: Security Update Firefox 96  Maximum Severity: Critical (High)  Affected Products: Firefox  Description: This security update from Mozilla addresses critical vulnerabilities in the Firefox application on multiple platforms. Of the 18 reported vulnerabilities, 8 are rated as High. See https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/ for complete details.  Impact: Remote Code Execution, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 18 Vulnerabilities: See link to Mozilla bulletin  Restart Required: Requires application restart  Known Issues: None
  19. 19. Copyright © 2022 Ivanti. All rights reserved. MFSA-2022-02: Security Update Firefox ESR 91.5  Maximum Severity: Critical (High)  Affected Products: Firefox ESR  Description: This security update from Mozilla addresses critical vulnerabilities in the Firefox ESR application on multiple platforms. Of the 14 reported vulnerabilities, 8 are rated as High. See https://www.mozilla.org/en-US/security/advisories/mfsa2022-02/ for complete details.  Impact: Remote Code Execution, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 14 Vulnerabilities: See link to Mozilla bulletin  Restart Required: Requires application restart  Known Issues: None
  20. 20. Copyright © 2022 Ivanti. All rights reserved. MFSA-2022-03: Security Update Thunderbird 91.5  Maximum Severity: Critical (High)  Affected Products: Thunderbird  Description: This security update from Mozilla addresses critical vulnerabilities in the Thunderbird application on multiple platforms. Of the 14 reported vulnerabilities, 8 are rated as High. See https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/ for complete details.  Impact: Remote Code Execution, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 14 Vulnerabilities: See link to Mozilla bulletin  Restart Required: Requires application restart  Known Issues: None
  21. 21. Copyright © 2022 Ivanti. All rights reserved. MS22-01-W11: Windows 11 Update  Maximum Severity: Critical  Affected Products: Microsoft Windows 11 Version 21H2 and Edge Chromium  Description: This bulletin references KB 5009566.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 66 Vulnerabilities: No CVEs are known exploited. CVE-2021-22947, CVE- 2021-36976, CVE-2022-21836, CVE-2022-21874 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [Display] After installing Windows 11, some image editing programs might not render colors correctly on certain high dynamic range (HDR) displays. This is frequently observed with white colors, which could display in bright yellow or other colors. Workaround: Microsoft is working on a fix.
  22. 22. Copyright © 2022 Ivanti. All rights reserved. MS22-01-W10: Windows 10 Update  Maximum Severity: Critical  Affected Products: Microsoft Windows 10 Versions 1607, 1809, 1909, 2004, 20H2, 21H1, 21H2, Server 2016, Server 2019, Server 2022, Server version 1909, Server version 2004, Server version 20H2, Server 21H1, IE 11, and Edge Chromium  Description: This bulletin references 6 KB articles. See KBs for the list of changes.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 85 Vulnerabilities: No CVEs are known exploited. No CVEs are known exploited. CVE-2021-22947, CVE-2021-36976, CVE-2022-21836, CVE-2022-21839, CVE-2022-21874 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: See next slides
  23. 23. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Windows 10  KB 5009546 – Windows 10, version 1607, Windows Server 2016  [Key Manager] After installing updates released April 22, 2021 or later, an issue occurs that affects versions of Windows Server that are in use as a Key Management Services (KMS) host. Client devices running Windows 10 Enterprise LTSC 2019 and Windows 10 Enterprise LTSC 2016 might fail to activate. This issue only occurs when using a new Customer Support Volume License Key (CSVLK). See KB for additional details. Workaround: Microsoft is working on a resolution.
  24. 24. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Windows 10 (cont)  KB 5009557 – Windows 10 Enterprise 2019 LTSC, Windows 10 IoT Enterprise 2019 LTSC, Windows 10 IoT Core 2019 LTSC, Windows Server 2019  [Asian Packs] After installing KB 4493509, devices with some Asian language packs installed may receive the error, "0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.“ Workaround: Uninstall and reinstall any recently added language packs or select Check for Updates and install the April 2019 Cumulative Update. See KB for more recovery details. Microsoft is working on a resolution.  [Cluster Update] After installing KB 5001342 or later, the Cluster Service might fail to start because a Cluster Network Driver is not found. Workaround: This issue occurs because of an update to the PnP class drivers used by this service. After about 20 minutes, you should be able to restart your device and not encounter this issue. For more information about the specific errors, cause, and workaround for this issue, please see KB 5003571.  [Key Manager]
  25. 25. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Windows 10 (cont)  KB 5009543 –Windows 10 version 20H2, Windows Server version 20H2, Windows 10 version 21H1  [Scavaged] After installing the June 21, 2021 (KB5003690) update, some devices cannot install new updates, such as the July 6, 2021 (KB5004945) or later updates. You will receive the error message, "PSFX_E_MATCHING_BINARY_MISSING". Workaround: In place upgrade. For more information and a workaround, see KB5005322.  [Edge Removed] Devices with Windows installations created from custom offline media or custom ISO image might have Microsoft Edge Legacy removed by this update, but not automatically replaced by the new Microsoft Edge. Devices that connect directly to Windows Update to receive updates are not affected. Workaround: Slipstream the SSU released March 29, 2021 or later into the custom offline media or ISO image before slipstreaming the LCU. See KB for details.
  26. 26. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Windows 10 (cont)  KB 5009543 –Windows 10 version 20H2, Windows Server version 20H2, Windows 10 version 21H1  [Smart Card Failure] After installing this update, when connecting to devices in an untrusted domain using Remote Desktop, connections might fail to authenticate when using smart card authentication. You might receive the prompt, "Your credentials did not work. The credentials that were used to connect to [device name] did not work. Please enter new credentials." and "The login attempt failed" in red. Workaround: Requires use of Known Issue Rollback (KIR). See KB for details.  KB 5009555 – Server 2022  [Smart Card Failure]
  27. 27. Copyright © 2022 Ivanti. All rights reserved. MS22-01-MR2K8-ESU: Monthly Rollup for Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008 and IE 9  Description: This security update includes improvements and fixes that were a part of update KB 5008274 (released December 14, 2021). Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009627.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 25 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: See next slide.
  28. 28. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Server 2008  KB 5009627 – Windows Server 2008 (Monthly Rollup)  [File Rename] Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Workaround: Perform the operation from a process that has administrator privilege or perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution.  KB 5009601 – Windows Server 2008 (Security-only Update)  [File Rename]
  29. 29. Copyright © 2022 Ivanti. All rights reserved. MS22-01-SO2K8-ESU: Security-only Update for Windows Server 2008  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2008  Description: Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009601.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 25 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: See previous slide.
  30. 30. Copyright © 2022 Ivanti. All rights reserved. MS22-01-MR7-ESU: Monthly Rollup for Win 7 MS22-01-MR2K8R2-ESU Monthly Rollup for Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7, Server 2008 R2, and IE 11  Description: This security update includes improvements and fixes that were a part of update KB 5008244 (released December 14, 2021). Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009610.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 35 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE- 2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  31. 31. Copyright © 2022 Ivanti. All rights reserved. MS22-01-SO7-ESU: Security-only Update for Win 7 MS22-01-SO2K8R2-ESU: Security-only Update for Server 2008 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 7 and Server 2008 R2  Description: Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009621.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 35 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  32. 32. Copyright © 2022 Ivanti. All rights reserved. MS22-01-MR8: Monthly Rollup for Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2012 and IE  Description: This security update includes improvements and fixes that were a part of update KB 5009586 (released previous December 14, 2021). Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009586.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 49 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE- 2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  33. 33. Copyright © 2022 Ivanti. All rights reserved. MS22-01-SO8: Security-only Update for Windows Server 2012  Maximum Severity: Critical  Affected Products: Microsoft Windows Server 2012  Description: Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009619.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 49 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  34. 34. Copyright © 2022 Ivanti. All rights reserved. MS22-01-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE  Description: This security update includes improvements and fixes that were a part of update KB 5008263 (released December 14, 2021). Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009624.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 52 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE-2022- 21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  35. 35. Copyright © 2022 Ivanti. All rights reserved. MS22-01-SO81: Security-only Update for Win 8.1 and Server 2012 R2  Maximum Severity: Critical  Affected Products: Microsoft Windows 8.1, Server 2012 R2  Description: Addresses a Windows Server issue in which Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol (LDAP) modify operation with multiple specific attribute changes. Bulletin is based on KB 5009595.  Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Spoofing, Elevation of Privilege and Information Disclosure  Fixes 52 Vulnerabilities: No CVEs are known exploited. CVE-2022-21836 and CVE-2022-21919 are publicly disclosed. See the Security Update Guide for the complete list of CVEs.  Restart Required: Requires restart  Known Issues: [File Rename]
  36. 36. Copyright © 2022 Ivanti. All rights reserved. MS22-01-OFF: Security Updates for Microsoft Office  Maximum Severity: Critical  Affected Products: Excel 2013 & 2016, Office 2013 & 2016, Office 2019 and LTSC 2021 for macOS, Office Online Server, Office Web Apps Server 2013 and Word 2016  Description: This security update resolves multiple vulnerabilities in Microsoft Office applications. Consult the Security Update Guide for specific details on each. This bulletin references just the release notes for the macOS Office.  Impact: Remote Code Execution  Fixes 3 Vulnerabilities: No vulnerabilities are publicly disclosed or known exploited. CVE-2022-21840, CVE-2022-21841, and CVE-2022-21842 are fixed in this release.  Restart Required: Requires application restart  Known Issues: None reported
  37. 37. Copyright © 2022 Ivanti. All rights reserved. MS22-01-O365: Security Updates Microsoft 365 Apps, Office 2019 and Office LTSC 2021  Maximum Severity: Critical  Affected Products: Microsoft 365 Apps, Office 2019, Office LTSC 2021  Description: This month’s update resolved various bugs and performance issues in Office applications. Information on the security updates is available at https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates.  Impact: Remote Code Execution  Fixes 2 Vulnerabilities: No vulnerabilities are publicly disclosed or known exploited. CVE-2022-21840 and CVE-2022-21841 are fixed in this release.  Restart Required: Requires application restart  Known Issues: None reported
  38. 38. Copyright © 2022 Ivanti. All rights reserved. MS22-01-SPT: Security Updates for SharePoint Server  Maximum Severity: Critical  Affected Products: Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Foundation Server 2013, - 2019  Description: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. This bulletin is based on 8 bulletins.  Impact: Remote Code Execution and Spoofing  Fixes 3 Vulnerabilities: No vulnerabilities are publicly disclosed or known exploited. CVE-2022-21837, CVE-2022-21840 and CVE-2022-21842 are fixed in this release.  Restart Required: Requires restart  Known Issues: See next slide
  39. 39. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Sharepoint Server  KB 5002127 – SharePoint Foundation Server 2013  [Web.config] Most users cannot access Web.config files in Microsoft SharePoint Server. The affected group of users does not include farm administrators, local administrators, or members who are managed by the system. Workaround: See KB 5010126 for manual configuration update.  KB 5002111 – SharePoint Server Subscription Edition  [Web.config]  KB 5002113 – SharePoint Enterprise Server 2016  [Web.config]  KB 5002109 – SharePoint Server 2019  [Web.config]
  40. 40. Copyright © 2022 Ivanti. All rights reserved. MS22-01-EXCH: Security Updates for Exchange Server  Maximum Severity: Critical  Affected Products: Microsoft Exchange Server 2013 CU23, Exchange Server 2016 CU21 & CU22, and Exchange Server 2019 CU10 & CU11  Description: This security update fixes vulnerabilities in Microsoft Exchange. This bulletin is based on KB 5008631.  Impact: Remote Code Execution  Fixes 3 Vulnerabilities: No vulnerabilities are publicly disclosed or known exploited. CVE-2022-21846, CVE-2022-21855 and CVE-2022- 21969 are fixed in this release.  Restart Required: Requires restart  Known Issues: See next slide
  41. 41. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Exchange Server  KB 5007409 – Exchange Server 2013, 2016 and 2019  [Issue 1] If the update is run it in Normal mode (that is, not as an administrator), some files are not correctly updated and there are no error messages. This occurs because UAC prevents the security update from correctly stopping certain Exchange-related services. Workaround: Run as administrator in manual mode. See KB for more details.  [Issue 2] Exchange services might remain in a disabled state after you install this security update. Workaround: Use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt.  [Issue 3] When you block third-party cookies in a web browser, you might be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. Workaround: Enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. See KB for more details.
  42. 42. Copyright © 2022 Ivanti. All rights reserved. January Known Issues for Exchange Server (cont)  [Issue 4] When you try to request free/busy information for a user in a different forest in a trusted cross-forest topology, the request fails and generates a "(400) Bad Request" error message. Workaround: See Microsoft help article "(400) Bad Request" error during Autodiscover for per-user free/busy in a trusted cross-forest topology for guidance.
  43. 43. Copyright © 2022 Ivanti. All rights reserved. MS22-01-MRNET: Monthly Rollup for Microsoft .Net  Maximum Severity: Important  Affected Products: Microsoft Windows .Net Framework 2.0 through 4.8  Description: This security update addresses an issue where an unauthenticated attacker could cause a denial of service on an affected system. This bulletin references 16 KB articles.  Impact: Denial of Service  Fixes 1 Vulnerability: CVE-2022-21911 is not publicly disclosed or known exploited.  Restart Required: Does not require a system restart after you apply it unless files that are being updated are locked or are being used.  Known Issues: None reported
  44. 44. Copyright © 2022 Ivanti. All rights reserved. MS22-01-SONET: Security-only Update for Microsoft .Net  Maximum Severity: Important  Affected Products: Microsoft Windows .Net Framework 2.0 through 4.8  Description: This security update addresses an issue where an unauthenticated attacker could cause a denial of service on an affected system. This bulletin references 16 KB articles.  Impact: Denial of Service  Fixes 1 Vulnerability: CVE-2022-21911 is not publicly disclosed or known exploited.  Restart Required: Does not require a system restart after you apply it unless files that are being updated are locked or are being used.  Known Issues: None reported
  45. 45. Between Patch Tuesdays
  46. 46. Copyright © 2022 Ivanti. All rights reserved. Release Summary  Security Updates (with CVEs): Google Chrome (1), Docker for Windows (1), Node.JS (1), Tableau Desktop (10), Tableau Prep Builder (4), Tableau Reader (2), Thunderbird (1), Wireshark (2)  Security (w/o CVEs): 7-Zip (1), Audacity (1), ClickShare App Machine-Wide Installer (1), Citrix Workspace App (1), Dropbox (2), Evernote (1), Firefox (2), Firefox ESR (1), GoodSync (8), GIMP (1), Cisco Jabber (1), LibreOffice (1), Node.JS (1), Notepad++ (1), Opera (1), Paint.net (1), Plantronics Hub (1), PeaZip (1), Splunk Universal Forwarder (1), TeamViewer (2), UltraVNC (1), VMware Horizon Client (1), Zoom Client (2), Zoom Outlook Plugin (1), Zoom Rooms Client (2), Zoom VDI (1)  Non-Security Updates: AIMP (4), Beyond Compare (1), docuPrinter (1), Google Drive File Stream (1), BlueJeans (1), KeePass Pro (1), KeePass Classic (1), NextCloud Desktop Client (1), Plantronics Hub (1), RingCentral App (Machine-Wide Installer) (1), Rocket.Chat Desktop Client (4)
  47. 47. Copyright © 2022 Ivanti. All rights reserved. Third Party CVE Information  Google Chrome 97.0.4692.71  CHROME-220104, QGC970469271  Fixes 24 Vulnerabilities: CVE-2022-0096, CVE-2022-0097, CVE-2022-0098, CVE- 2022-0099, CVE-2022-0100, CVE-2022-0101, CVE-2022-0102, CVE-2022-0103, CVE-2022-0104, CVE-2022-0105, CVE-2022-0106, CVE-2022-0107, CVE-2022- 0108, CVE-2022-0109, CVE-2022-0110, CVE-2022-0111, CVE-2022-0112, CVE- 2022-0113, CVE-2022-0114, CVE-2022-0115, CVE-2022-0116, CVE-2022-0117, CVE-2022-0118, CVE-2022-0120  Docker for Windows Stable 4.3.2.0  DOCKER-211221, QDOCKER4320  Fixes 2 Vulnerabilities: CVE-2021-44228, CVE-2021-45046
  48. 48. Copyright © 2022 Ivanti. All rights reserved. Third Party CVE Information (cont)  Tableau Desktop 2020.4.13, 2021.1.10, 2021.2.7, 2021.3.6, 2021.4.2  Released - 211220, Multiple IDs  Fixes 2 Vulnerabilities: CVE-2021-44228, CVE-2021-45046  Tableau Prep Builder 2021.2.3, 2021.3.3, 2021.4.3  Released - 211220, Multiple IDs  Fixes 2 Vulnerabilities: CVE-2021-44228, CVE-2021-45046  Tableau Reader 2021.4.2  TABREAD20214-211220, QTABREAD202142  Fixes 2 Vulnerabilities: CVE-2021-44228, CVE-2021-45046
  49. 49. Copyright © 2022 Ivanti. All rights reserved. Third Party CVE Information (cont)  Thunderbird 91.4.1  TB-211220, QTB9141  Fixes 2 Vulnerabilities: CVE-2021-4126, CVE-2021-44538  Wireshark 3.4.11  WIRES34-211230, QWIRES3411EXE and QWIRES3411MSI  Fixes 5 Vulnerabilities: CVE-2021-4181, CVE-2021-4182, CVE-2021-4184, CVE-2021-4185, CVE- 2021-4186  Wireshark 3.6.1  WIRES32-211230, QWIRES361EXE and QWIRES361MSI  Fixes 5 Vulnerabilities: CVE-2021-4181, CVE-2021-4182, CVE-2021-4183, CVE-2021-4184, CVE- 2021-4185
  50. 50. Copyright © 2022 Ivanti. All rights reserved. Third Party CVE Information (cont)  Node.JS 17.3.0 (Current)  NOJSC-211220, QNODEJSC1730  Fixes 1 Vulnerability: CVE-2021-4044
  51. 51. Q & A
  52. 52. Copyright © 2022 Ivanti. All rights reserved. Thank You!

×