-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
*******************************************************************************
*****
Title: Microsoft Security Update Revisions
Issued: March 17, 2022 ********************************************************
****************************
Summary
=======
The following CVEs have undergone revision increments. ========================
============================================================
* CVE-2020-8927
* CVE-2022-24512
* CVE-2022-24511
- CVE-2020-8927 | Brotli Library Buffer Overflow Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-8927
- Version: 2.0
- Reason for Revision: Revised the Security Updates table to include PowerShell
7.0,
PowerShell 7.1, and PowerShell 7.2 because these versions of PowerShell 7 are
affected by this vulnerability. See
https://github.com/PowerShell/Announcements/issues/30 for more information.
- Originally posted: March 8, 2022
- Updated: March 16, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-24512 | .NET and Visual Studio Remote Code Execution Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512
- Version: 2.0
- Reason for Revision: Revised the Security Updates table to include PowerShell
7.0,
PowerShell 7.1, and PowerShell 7.2 because these versions of PowerShell 7 are
affected by this vulnerability. See
https://github.com/PowerShell/Announcements/issues/29 for more information.
- Originally posted: March 8, 2022
- Updated: March 16, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-24511 | Microsoft Office Word Tampering Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24511
- Version: 2.0
- Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this
vulnerability. Customers running other Microsoft Office software do not need
to
take any action. See the Release Notes for more information and download
links.
- Originally posted: March 8, 2022
- Updated: March 16, 2022
- Aggregate CVE Severity Rating: Important
Reason for Revision for the following CVEs: Corrected Download and Article links
in the Security Updates table. This is an informational change only.
* CVE-2022-21977
* CVE-2022-22010
* CVE-2022-23283
* CVE-2022-23285
* CVE-2022-23299
- CVE-2022-21977 | Media Foundation Information Disclosure Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21977
- Version: 1.2
- Originally posted: March 8, 2022
- Updated: March 16, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-22010 | Media Foundation Information Disclosure Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22010
- Version: 1.1
- Originally posted: March 8, 2022
- Updated: March 16, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-23283 | Windows ALPC Elevation of Privilege Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23283
- Version: 1.1
- Originally posted: March 8, 2022
- Updated: March 16, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-23285 | Remote Desktop Client Remote Code Execution Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23285
- Version: 1.1
- Originally posted: March 8, 2022
- Updated: March 17, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-23299 | Windows PDEV Elevation of Privilege Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23299
- Version: 1.1
- Updated: March 17, 2022
- Aggregate CVE Severity Rating: Important
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious websites. Microsoft does
not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at <https://technet.microsoft.com/security/dn753714>.
********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************
IMPORTANT ANNOUNCEMENT: In the coming months we will be moving to a new, more
user-friendly and flexible system for delivering Microsoft Technical Security
Notifications. See "Coming Soon: New Security Update Guide Notification System"
(https://aka.ms/SUGNotificationProfile) for information about how you can sign
up for
and receive these Technical Security Notifications.
Microsoft respects your privacy. Please read our online Privacy
Statement at <http://go.microsoft.com/fwlink/?LinkId=81184>.
These settings will not affect any newsletters youΓÇÖve requested or
any mandatory service communications that are considered part of
certain Microsoft services.
For legal Information, see:
<http://www.microsoft.com/info/legalinfo/default.mspx>.
This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
We would love to get your feedback on your experience with these
security notifications. Please help us improve your security
notifications experience by filling out the form here: https://forms.office.co
m/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR4ekF0eHYitGhfGrzmE_ydpUQUdMQU
kzMFQwQzdYSjFBOTlXTjZWMDRRTi4u
If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
https://account.microsoft.com/profile/unsubscribe?CTID=0&ECID=%2Fv%2Fx1H2TQ5AmA
LZDjy46V6%2FigydGiDwE32XbyTrEjOI%3D&K=3aecb16a-9161-438b-95fe-864987cc8003&CMID
=null&D=637830611140671531&PID=18015&TID=adfd46f4-992a-45ec-935c-4c9bc4baf506
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE4Q6SUN6tupDaY1CaExnEoumP1aEFAmIzfuAACgkQExnEoumP
1aHIbQ//YlHAGEIWlqf3cOF5Iai6+/XgP3vlelKHvr6p7uAxNG3jZ5PcABPjy5mw
fgE0YYnJ5klt01v7vNt38Pzx8UburRsXuWYmmoPLWLu8lWmfkNiGOez39R4vRq7+
flEwD6kUjcHU8ztKDRyq53b1yExaYL5vKTroZz6P3ULNNtorUhQTRf2qgcBkysCF
Jl3aVcvdOUGZsFkmt8xVQw5/1uYZtwo0/ivaYu+ibV7HPVjy1RgbiyOB65DGDJsu
2ICIdRfSVUMCs7Z2iclvX3RlQxTMXrahonZz4r4bzgclbb+aKScuZzogtA1MnWvk
gKjerfD0bKGU3eCyAZKpZhmZXeRtiALC24JeIPuNdnagx+xG+Yf9KzxOsifgGDhB
A3gQ2YBzdVRGqVDw7DHAAC/bTJpdAg4NUbOLhI+aDNCABaQzQGFC6SalnwuZlyMY
pwe8xTSAyj2qe2JaHNq3hpQpLEwEad/WZWhkGvgwn8ox94bp/zHQUbYyI2XPQiDJ
SZuLDGLOOQmSpoZYye1pdH7vldUxqIOkN5Ct7L0DiiK1dLVnvySdTtPgu7mTVkdN
Rvc3aEdcjjkDbYFe4rr7U0ybVxi8I/7idNB5t3OMQWEjkbG8wARnzzqvcycRAHK5
i9nCllSZVIpJ7Nlc42wMbdD6tSWXEW8o3SdS5Oc+BHtZwrFl+/E=
=gjPp
-----END PGP SIGNATURE-----
If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
https://account.microsoft.com/profile/unsubscribe?CTID=0&ECID=%2Fv%2Fx1H2TQ5AmA
LZDjy46V6%2FigydGiDwE32XbyTrEjOI%3D&K=3aecb16a-9161-438b-95fe-864987cc8003&CMID
=null&D=637830611140671531&PID=18015&TID=adfd46f4-992a-45ec-935c-4c9bc4baf506
---
■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games
|
