Yesterday, the monthly updates for Windows 10 and Windows 11 came out as usual and we already have all the information about these updates. In this case, we’ll focus on what happened in Windows 11. This month, Microsoft focused on patching vulnerabilities by addressing more than 55 security vulnerabilities. We show you the most relevant.
What’s New in Windows 11 Update KB5014697
- CVE-2022-30136: CVSS 9.8, a security vulnerability in the Windows RCE network file system. The attackers would have to make an unauthenticated call to the Network File System (NFS) service to trigger the flaw.
- CVE-2022-30163: CVSS 8.5, a Windows Hyper-V RCE vulnerability that can be exploited via a specially crafted application in a Hyper-V guest session.
- CVE-2022-30139: CVSS 7.5, a Windows Lightweight Directory Access Protocol (LDAP) vulnerability, but only if the LDAP MaxReceiveBuffer policy is set to a value greater than the default.
- CVE-2022-30164: CVSS 8.4, Bypass Kerberos AppContainer Security Feature. It was possible to bypass the service ticket functionality that checks access control for users.
- CVE-2022-30157: CVSS 8.8, a vulnerability in Microsoft SharePoint Server RCE. The attackers must be authenticated and have page creation permissions,
- CVE-2022-30165: CVSS 8.8, Windows Kerberos EoP Security Error. The Kerberos login process could have been spoofed when making a remote connection to protect credentials through CredSSP.
as pointed out Zero Day Initiative (ZDI)This is the first patch release in a long time that doesn’t include updates for print spooler. Last month, Microsoft resolved 74 bugs in security fixes in May. Including Seven critical errors and one major flawWith the advent of RCE privileges escalate, information leaks and identity theft.
Additionally, there is one known issue with .NET Framework 3.5 that can be fixed by disabling and re-enabling .NET Frmaework and Windows Communication Foundation from Windows features. You can read all the information from the following Link.
“Creator. Troublemaker. Hardcore alcohol lover. Web evangelist. Extreme pop culture practitioner. Devoted zombie scholar. Avid introvert.”