2022 July Patch Tuesday

Patch Tuesday Webinar
Wednesday, July 13, 2022
Hosted by Chris Goettl and Todd Schell

Agenda
July 2022 Patch Tuesday Overview
In the News
Bulletins and Releases
Between Patch Tuesdays
Q & A

Copyright © 2022 Ivanti. All rights reserved.
July Patch Tuesday 2022
The July Patch Tuesday has more cleanup than net new as far as critical activities are concerned. July 4th saw fireworks
across the US for Independence Day and a Zero Day release from Google to resolve a buffer overflow vulnerability
(CVE-2022-2294), which also means an update for any Chromium based browsers such as Microsoft Edge. Microsoft
has their standard lineup of updates for the Windows OS, O365, Microsoft Edge (Chromium-based), and Skype for
Business. Adobe released updates for Acrobat, Acrobat Reader, Robohelp, Animater, and Photoshop; Oracle’s quarterly
critical patch update is releasing on Tuesday July 19 so expect more updates to come next week with all your favorite
Java updates and Oracle middleware products.

In the News
 Android vulnerability discovered and reported to Google
 https://www.blackhat.com/us-22/briefings/schedule/index.html#cautious-a-
new-exploitation-method-no-pipe-but-as-nasty-as-dirty-pipe-27169
 Not currently exploited – the news world needs to get their definition of Zero
Day correct. This would be a public disclosure once they showcase their
findings at Blackhat in August.
 “Meanwhile, Android device owners should be careful before installing random apps other
than the ones eligible through Google Play Protect or completely avoid installing from
untrusted sources altogether.”
 I am pretty sure mobile users on any mobile device should ALWAYS be careful of what
they install from untrusted sources…

In the News
 Google Chrome Zero Day
 https://thehackernews.com/2022/07/update-google-chrome-browser-to-
patch.html
 Update released on July 4
 Microsoft Edge (Chromium-based) needs updating as well as a result
 https://www.techradar.com/news/microsoft-edge-gets-emergency-patch-for-
severe-zero-day-vulnerability

Known Exploited Vulnerability
 CVE-2022-22047 Windows CSRSS Elevation of Privilege Vulnerability
 CVSS 3.1 Scores: 7.8 / 6.8
 Severity: Important
 Impacts all Windows workstation and server operating systems
 An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
 CISA adds to KEV list and gives agencies 3 weeks to resolve
 https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-new-
windows-zero-day-used-in-attacks/

Other Interesting Vulnerabilities
 CVE-2022-23816 AMD CPU Branch Type Confusion
 CVE-2022-23825 AMD CPU Branch Type Confusion
 Hardware vulnerabilities in certain AMD processors
 See https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037
 Severity: Important
 Impacts all Windows workstation and server operating systems
 Challenge to address a hardware vulnerability with software
 Mitigating software updates have only been released for Server 2022/Server Core 2022
 More updates to come . . .

Cloud Vulnerabilities
 Vulnerabilities that the cloud vendor is responsible for
 Vulnerabilities the cloud customerconsumer is responsible for
 Microsoft resolved 33 vulnerabilities in Azure Site Recovery
 How to resolve https://docs.microsoft.com/en-us/azure/site-recovery/vmware-azure-
manage-process-server#upgrade-a-process-server
1. Sign in to the process server as an administrator.
2. Download the latest version of the Unified Setup Installer.
3. Double-click the installer to launch the update process.
4. The installer detects the Site Recovery components that are installed, and
upgrades them to the latest version.

Microsoft Patch Tuesday Updates of Interest
 Advisory 990001 Latest Servicing Stack Updates (SSU)
 https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV990001
 Server 2008/Win 7/2008 R2 ESUs
 Win 8.1/Server 2012/2012 R2
 Win 10 Ver 1607/Server 2016
 Azure Updates
 Azure Site Recovery VMWare to Azure
 Azure Storage Blobs client library for .NET
 Azure Storage Queues client library for .NET
 Azure Storage Blobs client library for Java
 Azure Storage Queues client library for Python
Source: Microsoft

SQL Server EOL Update
 SQL Server 2012 (shown)
 July 12 SP4 EOL
 3 Years of ESU support
 SQL Server 2008 R2
 July 12 end of ESU support
 4th year ESU on Azure only
 July 11, 2023
Source: Microsoft

Server 2012/2012 R2 EOL is Coming
 Lifecycle Fact Sheet
 https://docs.microsoft.com/en-us/lifecycle/products/windows-server-2012-r2
Source: Microsoft

Internet Explorer 11 EOL
 No updates for IE 11 this month
 https://techcommunity.microsoft.com/t5/windows-it-pro-blog/internet-
explorer-11-desktop-app-retirement-faq/ba-p/2366549
 Confusion following last month’s final release
 IE 11 is not automatically removed from the OS
 EOL notice and link to latest Edge provided
 Microsoft will disable IE and/or remove it at some point
 When in doubt:
 IE Mode in Microsoft Edge
 Supported until 2029

Windows 10 and 11 Lifecycle Awareness
Windows 10 Enterprise and Education
Version Release Date End of Support Date
21H2 11/16/2021 6/11/2024
21H1 5/18/2021 12/13/2022
20H2 10/20/2020 5/9/2023
Windows 10 Home and Pro
21H2 11/16/2021 6/13/2023
21H1 5/18/2021 12/13/2022
Windows Datacenter and Standard Server
2022 8/18/2021 10/13/2026
Windows 11 Home and Pro
21H2 10/4/2021 10/10/2023
 Lifecycle Fact Sheet
 https://docs.microsoft.com/en-us/lifecycle/faq/windows

Patch Content Announcements
 Announcements Posted on Community Forum Pages
 https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2
 Subscribe to receive email for the desired product(s)

APSB22-32: Security Update for Adobe Acrobat and Reader
 Maximum Severity: Critical
 Affected Products: Adobe Acrobat and Reader (all current versions)
 Description: Adobe has released security updates for Adobe Acrobat and Reader for
Windows and macOS. These updates address multiple critical, important and
moderate vulnerabilities. Of the 22 reported vulnerabilities, 15 are rated Critical. See
https://helpx.adobe.com/security/products/acrobat/apsb22-32.html for complete details.
 Impact: Remote Code Execution and Information Disclosure
 Fixes 22 Vulnerabilities: See link to Adobe bulletin
 Restart Required: Requires application restart

MS22-07-W11: Windows 11 Update
 Affected Products: Microsoft Windows 11 Version 21H2 and Edge Chromium
 Description: This security update includes improvements that were a part of update
KB 5014668 (released June 23, 2022). This bulletin references KB 5015814.
 Impact: Remote Code Execution, Security Feature Bypass, Denial of Service,
Tampering, Elevation of Privilege and Information Disclosure
 Fixes 40 Vulnerabilities: CVE-2022-22047 is known exploited. See the Security
Update Guide for the complete list of CVEs.
 Restart Required: Requires restart
 Known Issues: See next slide

July Known Issues for Windows 11
 KB 5015814 – Windows 11
 [.NET Apps] After installing this update, some .NET Framework 3.5 apps might have
issues or might fail to open. Affected apps are using certain optional components in
.NET Framework 3.5, such as Windows Communication Foundation (WCF) and
Windows Workflow (WWF) components. Workaround: You can mitigate this issue by
re-enabling .NET Framework 3.5 and the Windows Communication Foundation in
Windows Features. See KB for more details and options.
 [IE Mode] After installing this update, IE mode tabs in Microsoft Edge might stop
responding when a site displays a modal dialog box. A modal dialog box is a form or
dialog box that requires the user to respond before continuing or interacting with other
portions of the webpage or app. Workaround: This issue is resolved using Known
Issue Rollback (KIR). See KB for link to Windows 11 (original release) KB 5014019
220624_22553 Known Issue Rollback. For enterprise-managed devices that have
installed an affected update and encountered this issue, they can resolve it by
installing and configuring the special Group Policy also provided in KB.

MS22-07-W10: Windows 10 Update
 Affected Products: Microsoft Windows 10 Versions 1607, 1809, 2004, 20H2, 21H1,
21H2, Server 2016, Server 2019, Server 2022, Server version 2004, Server version
20H2, Server 21H1 and Edge Chromium
 Description: This bulletin references 5 KB articles. See KBs for the list of changes.
Tampering, Elevation of Privilege and Information Disclosure
 Fixes 46 Vulnerabilities: CVE-2022-22047 is known exploited. Two additional
vulnerabilities - CVE-2022-23816 and CVE-2022-23825, associated with select AMD
CPUs are fixed in Server 2022 only. See the Security Update Guide for the complete
list of CVEs.
 Known Issues: See next slides

July Known Issues for Windows 10
 KB 5015811 – Windows 10 Enterprise 2019 LTSC, Windows 10 IoT
Enterprise 2019 LTSC, Windows 10 IoT Core 2019 LTSC, Windows
Server 2019
 [Asian Packs] After installing KB 4493509, devices with some Asian language
packs installed may receive the error, "0x800f0982 -
PSFX_E_MATCHING_COMPONENT_NOT_FOUND.“ Workaround: Uninstall
and reinstall any recently added language packs or select Check for Updates and
install the April 2019 Cumulative Update. See KB for more recovery details.
Microsoft is working on a resolution.
 [Cluster Update] After installing KB 5001342 or later, the Cluster Service might fail
to start because a Cluster Network Driver is not found. Workaround: This issue
occurs because of an update to the PnP class drivers used by this service. After
about 20 minutes, you should be able to restart your device and not encounter this
issue. For more information about the specific errors, cause, and workaround for
this issue, please see KB 5003571.

July Known Issues for Windows 10 (cont)
 KB 5015807 –Windows 10 version 20H2, Windows Server version
20H2, Windows 10 version 21H1
 [Scavaged] After installing the June 21, 2021 (KB5003690) update, some devices
cannot install new updates, such as the July 6, 2021 (KB5004945) or later
updates. You will receive the error message,
"PSFX_E_MATCHING_BINARY_MISSING". Workaround: In place upgrade. For
more information and a workaround, see KB5005322.
 [Edge Removed] Devices with Windows installations created from custom offline
media or custom ISO image might have Microsoft Edge Legacy removed by this
update, but not automatically replaced by the new Microsoft Edge. Devices that
connect directly to Windows Update to receive updates are not affected.
Workaround: Slipstream the SSU released March 29, 2021 or later into the
custom offline media or ISO image before slipstreaming the LCU. See KB for
details.
 [IE Mode]

July Known Issues for Windows 10 (cont)
 KB 5015827 – Windows Server 2022
 [IE Mode]

MS22-07-MR2K8-ESU: Monthly Rollup for Windows Server 2008
 Affected Products: Microsoft Windows Server 2008 and IE 9
 Description: This cumulative security update contains improvements that are part of
update KB 5014752 (released June 14, 2022). Bulletin is based on KB 5015866.
Elevation of Privilege and Information Disclosure
 Known Issues: See next slide.

July Known Issues for Server 2008
 KB 5015866 – Windows Server 2008 (Monthly Rollup)
 [File Rename] Certain operations, such as rename, that you perform on files or
folders that are on a Cluster Shared Volume (CSV) may fail with the error,
“STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you
perform the operation on a CSV owner node from a process that doesn’t have
administrator privilege. Workaround: Perform the operation from a process that
has administrator privilege or perform the operation from a node that doesn’t have
CSV ownership. Microsoft is working on a resolution.
 KB 5015870 – Windows Server 2008 (Security-only Update)
 [File Rename]

MS22-07-SO2K8-ESU: Security-only Update for Windows Server 2008
 Affected Products: Microsoft Windows Server 2008
 Description: Bulletin is based on KB 5015870.
 Known Issues: See previous slide.

MS22-07-MR7-ESU: Monthly Rollup for Win 7
MS22-07-MR2K8R2-ESU Monthly Rollup for Server 2008 R2
 Affected Products: Microsoft Windows 7, Server 2008 R2, and IE 11
 Description: This cumulative security update contains improvements that are part of update
KB 5014748 (released June 14, 2022). Bulletin is based on KB 5015861.
 Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation of
Privilege and Information Disclosure
 Fixes 34 Vulnerabilities: CVE-2022-22047 is known exploited. See the Security Update
Guide for the complete list of CVEs.
 Known Issues: [File Rename]

MS22-07-SO7-ESU: Security-only Update for Win 7
MS22-07-SO2K8R2-ESU: Security-only Update for Server 2008 R2
 Affected Products: Microsoft Windows 7 and Server 2008 R2
 Impact: Remote Code Execution, Security Feature Bypass, Denial of Service, Elevation
of Privilege and Information Disclosure

MS22-07-MR8: Monthly Rollup for Server 2012
 Affected Products: Microsoft Windows Server 2012 and IE
 Description: This cumulative security update contains improvements that are part of update

MS22-07-SO8: Security-only Update for Windows Server 2012
 Affected Products: Microsoft Windows Server 2012

MS22-07-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2
 Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE
 Description: This cumulative security update includes improvements that are part of update
NOTE: Starting with this release, Microsoft is displaying a dialog box to remind users about the End of Support
(EOS) for Windows 8.1 in January 2023. If you click Remind me later, the dialog box will appear once every 35
days. If you click Remind me after the end of support date, the dialog box will not appear again until after the
EOS date.

MS22-07-SO81: Security-only Update for Win 8.1 and Server 2012 R2
 Affected Products: Microsoft Windows 8.1, Server 2012 R2
NOTE: Starting with this release, Microsoft is displaying a dialog box to remind users about the End of
Support (EOS) for Windows 8.1 in January 2023. If you click Remind me later, the dialog box will appear
once every 35 days. If you click Remind me after the end of support date, the dialog box will not appear
again until after the EOS date.

MS22-07-OFF: Security Updates for Microsoft Office
 Maximum Severity: Important
 Affected Products: Office 2013 and 2016, Office Lync Server 2013 and Office
Skype Server 2015 & 2019
 Description: This security update resolves multiple vulnerabilities in Microsoft Office
applications. Consult the Security Update Guide for specific details on each. This
bulletin references 3 KB articles.
 Impact: Remote Code Execution and Security Feature Bypass
 Fixes 2 Vulnerabilities: No vulnerabilities are publicly disclosed or known
exploited. CVE-2022-33692 and CVE-2022-33633 are fixed in this release.
 Known Issues: None reported

MS22-07-O365: Security Updates Microsoft 365 Apps, Office 2019
and Office LTSC 2021
 Maximum Severity: Important
 Affected Products: Microsoft 365 Apps, Office 2019 and Office LTSC 2021
 Description: This month’s update resolved various bugs and performance issues in
Office applications. Information on the security updates is available at
https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates.
 Impact: Security Feature Bypass
 Fixes 1 Vulnerability: No vulnerabilities are publicly disclosed or known exploited.
CVE-2022-33632 is fixed in this release.
 Known Issues: None reported

Release Summary
 Security Updates (with CVEs): Google Chrome (2), Firefox (1), Firefox ESR (1), Foxit PhantomPDF
(1), Thunderbird (1), Zoom Client (2)
 Security (w/o CVEs): 7-Zip (1), CCleaner (1), Google Chrome (1), ClickShare App Machine-Wide
Installer (1), Falcon Sensor for Windows (1), Citrix Workspace app LTSR (1), Citrix Workspace App (1),
Docker for Windows Stable (2), Docker for Windows (1), Dropbox (2), Evernote (1), Firefox (1), Foxit PDF
Editor (1), Foxit PDF Reader Consumer (1), Foxit PDF Reader Enterprise (1), GoodSync (3), GIT for windows
(1), Malwarebytes (1), Nitro Pro (1), Nitro Pro Enterprise (1), Node.JS (Current) (2), Node.JS (LTS Lower) (1),
Node.JS (LTS Upper) (1), Notepad++ (1), Opera (3), Plex Media Server (2), PeaZip (1), Royal TS (1), Skype
(1), SeaMonkey (1), Splunk Universal Forwarder (2), Tableau Desktop (6), Tableau Prep Builder (2), Tableau
Reader (2), Thunderbird (1), TeamViewer (1), WinSCP (1), Zoom Client (1), Zoom Outlook Plugin (1), Zoom
VDI (1)
 Non-Security Updates: AIMP (3), Camtasia (1), Google Drive File Stream (1), GeoGebra Classic (2),
BlueJeans (1), NextCloud Desktop Client (1), Password Safe (1), R for Windows (1), RealVNC Server (1),
ScreenPresso (1), RealVNC Viewer (1), Cisco WebEx Teams (1)

Third Party CVE Information
 Google Chrome 103.0.5060.53
 CHROME-220621, QGC1030506053
 Fixes 9 Vulnerabilities: CVE-2022-2156, CVE-2022-2157, CVE-2022-2158, CVE-
2022-2160, CVE-2022-2161, CVE-2022-2162, CVE-2022-2163, CVE-2022-2164,
CVE-2022-2165
 Google Chrome 103.0.5060.114
 CHROME-220704, QGC10305060114
 Fixes 3 Vulnerabilities: CVE-2022-2294, CVE-2022-2295, CVE-2022-2296
 Zoom Client 5.11.0.6569
 ZOOM-220621, QZOOM5116569
 Fixes 2 VulnerabilitiesCVE-2022-22788, CVE-2022-28749

Third Party CVE Information (cont)
 Firefox 102.0
 FF-220628, QFF1020
 Fixes 19 Vulnerabilities: CVE-2022-2200, CVE-2022-34468, CVE-2022-34469, CVE-2022-
34470, CVE-2022-34471, CVE-2022-34472, CVE-2022-34473, CVE-2022-34474, CVE-
2022-34475, CVE-2022-34476, CVE-2022-34477, CVE-2022-34478, CVE-2022-34479,
CVE-2022-34480, CVE-2022-34481, CVE-2022-34482, CVE-2022-34483, CVE-2022-
34484, CVE-2022-34485
 Firefox ESR 91.11.0
 FF-220628, QFFE91110
2022-34484

Third Party CVE Information (cont)
 Foxit PhantomPDF 10.1.8.37795
 FIP-220621, QFIP101837795
2022-28676, CVE-2022-28677, CVE-2022-28678, CVE-2022-28679, CVE-2022-28680,
CVE-2022-28681, CVE-2022-28682, CVE-2022-28683, CVE-2022-30557
 Thunderbird 91.11.0
 TB-220628, QTB91110
2022-34481, CVE-2022-34484

Thank You!

2022 July Patch Tuesday

Recommended

Recommended

More Related Content

Similar to 2022 July Patch Tuesday

Similar to 2022 July Patch Tuesday (20)

More from Ivanti

More from Ivanti (20)

Recently uploaded

Recently uploaded (20)

2022 July Patch Tuesday