GCSA-22046
Microsoft ha rilasciato il security update mensile per aprile 2022, questa versione risolve 128 vulnerabilita', tra cui due zero-day. Dieci delle vulnerabilita' sono state classificate come critiche. Maggiori dettagli sono disponibili alla sezione "Riferimenti".
:: Software interessato .NET Framework Active Directory Domain Services Azure SDK Azure Site Recovery LDAP - Lightweight Directory Access Protocol Microsoft Bluetooth Driver Microsoft Dynamics Microsoft Edge (Chromium-based) Microsoft Graphics Component Microsoft Local Security Authority Server (lsasrv) Microsoft Office Excel Microsoft Office SharePoint Microsoft Windows ALPC Microsoft Windows Codecs Library Microsoft Windows Media Foundation Power BI Role: DNS Server Role: Windows Hyper-V Skype for Business Visual Studio Visual Studio Code Windows Ancillary Function Driver for WinSock Windows App Store Windows AppX Package Manager Windows Cluster Client Failover Windows Cluster Shared Volume (CSV) Windows Common Log File System Driver Windows Defender Windows DWM Core Library Windows Endpoint Configuration Manager Windows Fax Compose Form Windows Feedback Hub Windows File Explorer Windows File Server Windows Installer Windows iSCSI Target Service Windows Kerberos Windows Kernel Windows Local Security Authority Subsystem Service Windows Media Windows Network File System Windows PowerShell Windows Print Spooler Components Windows RDP Windows Remote Procedure Call Runtime Windows schannel Windows SMB Windows Telephony Server Windows Upgrade Assistant Windows User Profile Service Windows Win32K Windows Work Folder Service YARP reverse proxy :: Impatto Esecuzione remota di codice arbitrario (RCE) Denial of Service (DoS) Acquisizione di privilegi piu' elevati (EoP) Provide Misleading Information (spoofing) Information Disclosure (ID) :: Soluzioni Per default l'installazione degli aggiornamenti avviene in maniera automatica. Per installare manualmente scegliere Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update Verificare di aver installato la versione piu' recente del Servicing Stack Updates https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001 https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates Windows Update domande frequenti https://support.microsoft.com/en-us/help/12373/windows-update-faq Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft Update https://www.catalog.update.microsoft.com/ Gli utenti che utilizzano ancora Windows 7, Windows Server 2008 o 2008 R2 devono acquistare l'Extended Security Update per continuare a ricevere gli aggiornamenti https://support.microsoft.com/en-hk/help/4522133/procedure-to-continue-receiving-security-updates :: Riferimenti Microsoft Security Updates - Release Notes https://msrc.microsoft.com/update-guide/releaseNote/2022-Apr The Hacker News https://thehackernews.com/2022/04/microsoft-issues-patches-for-2-windows.html Mitre CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1127 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1128 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1129 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1130 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1133 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1134 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1135 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1136 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1137 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1138 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1139 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1143 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1145 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1232 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21983 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22008 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22009 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23257 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23259 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23268 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23292 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24472 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24473 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24475 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24482 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24483 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24485 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24487 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24492 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24493 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24495 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24497 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24498 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24500 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24523 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24527 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24528 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24532 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24533 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24534 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24536 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24537 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24539 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24540 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24541 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24543 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24545 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24767 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26783 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26785 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26807 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26808 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26809 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26811 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26812 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26813 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26815 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26817 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26818 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26819 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26820 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26821 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26822 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26823 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26824 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26825 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26826 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26827 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26828 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26829 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26830 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26891 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26894 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26895 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26896 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26897 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26901 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26903 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26904 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26907 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26908 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26909 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26910 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26911 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26912 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26916 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26917 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26918 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26919 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26920 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26924