May's Patch Tuesday updates make patching urgent

This past week's Patch Tuesday started with 73 updates, but ended up (so far) with three revisions and a late addition (CVE-2022-30138), for a total of 77 vulnerabilities addressed this month. Compared with the broad set of updates released in April, we see greater urgency in patching Windows, especially with three zero-days and several flaws in key server and authentication areas. Exchange will require attention, too, because of new server update technology.

There were no updates this month for Microsoft browsers and Adobe Reader. And Windows 10 20H2 (we hardly knew you) is now out of support.

You can find more information on the risks of deploying these Patch Tuesday updates in this helpful infographic, and the MSRC Center has posted a good overview of how it handles security updates here.

Key testing scenarios

Given the large number of changes included in this May patch cycle, I have broken the testing scenarios down into high-risk and standard-risk groups:

High risk: These changes are likely to include functionality changes, may deprecate existing functionality and will likely require creating new testing plans:

  • Test your enterprise CA certificates (both new and renewed). Your KDC server will automatically validate the new extensions included in this update. Look for failed validations!
  • This update includes a change to driver signing that now includes timestamp checking as well as Authenticode signatures. Signed drivers should load. Unsigned drivers should not. Check your application test runs for failed driver loads. Include checks for signed EXEs and DLLs, too.
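
One way to run the signed EXE, DLL and driver check from the list above on a test machine, as an added example that is not part of the original article: run it once before patching to record a baseline, then again after patching to list binaries whose signature state changed or is not valid. The folder and baseline paths and the function name are hypothetical placeholders.

```powershell
# Added example: snapshot the Authenticode status of application binaries so a
# pre-patch baseline can be compared with a post-patch run.
param(
    [string]$Root     = 'C:\TestApps\SampleApp',        # hypothetical app folder
    [string]$Baseline = 'C:\TestApps\sig-baseline.csv'  # hypothetical baseline file
)

function Get-SignatureSnapshot {
    param([string]$Path)
    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll, *.sys |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                File        = $_.FullName
                Status      = [string]$sig.Status                     # Valid, NotSigned, HashMismatch, ...
                Signer      = [string]$sig.SignerCertificate.Subject  # empty when unsigned
                Timestamped = [bool]$sig.TimeStamperCertificate       # countersigned timestamp present
            }
        }
}

$current = @(Get-SignatureSnapshot -Path $Root)

if (-not (Test-Path $Baseline)) {
    # First (pre-patch) run: record the baseline and stop.
    $current | Export-Csv -Path $Baseline -NoTypeInformation
    "Baseline written: $($current.Count) files"
    return
}

# Post-patch run: index the baseline by file path, then report differences.
$old = @{}
Import-Csv -Path $Baseline | ForEach-Object { $old[$_.File] = $_ }

$current | ForEach-Object {
    $prev    = $old[$_.File]
    $changed = $prev -and ($prev.Status -ne $_.Status -or $prev.Signer -ne $_.Signer)
    if ($changed -or $_.Status -ne 'Valid') {
        [pscustomobject]@{
            File = $_.File; Was = $prev.Status; Now = $_.Status; Timestamped = $_.Timestamped
        }
    }
} | Format-Table -AutoSize
```

Files reported with a status other than Valid, or without a timestamp, are the ones to exercise first in the application test runs.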

The following changes are not documented as including functional changes, but will still require at least "smoke testing" before general deployment of May's patches:

  • Test your VPN clients when using RRAS servers: include connect and disconnect (using all protocols: PPP/PPTP/SSTP/IKEv2).
  • Test that your EMF files open as expected.
  • Test your Windows Address Book (WAB) application dependencies.
  • Test BitLocker: start/stop your machines with BitLocker enabled and then disabled.
  • Validate that your credentials are accessible via VPN (see Microsoft Credential Manager).
  • Test your V4 printer drivers (especially after the later arrival of CVE-2022-30138).

This month's testing will require several reboots of your testing resources and should include both (BIOS/UEFI) virtual and physical machines.

Known issues

Microsoft includes a list of known issues that affect the operating system and platforms included in this update cycle:

  • After installing this month's update, Windows devices that use certain GPUs might cause apps to close unexpectedly, or generate an exception (0xc0000094 in module d3d9on12.dll) in apps using Direct3D Version 9. Microsoft has published a KIR group policy update to resolve this issue with the following GPO settings: Download for Windows 10, version 2004, Windows 10, version 20H2, Windows 10, version 21H1, and Windows 10, version 21H2.
  • After installing updates released Jan. 11, 2022 or later, apps that use the Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information might fail or generate an access violation (0xc0000005) error. It appears that applications that depend on the System.DirectoryServices API are affected.

Microsoft has really upped its game when discussing recent fixes and updates for this release with a useful update highlights video.

Major revisions

Though there is a much reduced list of patches this month compared with April, Microsoft has released three revisions, including:

  • CVE-2022-1096: Chromium: CVE-2022-1096 Type Confusion in V8. This March patch has been updated to include support for the latest version of Visual Studio (2022) to allow for the updated rendering of webview2 content. No further action is required.
  • CVE-2022-24513: Visual Studio Elevation of Privilege Vulnerability. This April patch has been updated to include ALL supported versions of Visual Studio (15.9 to 17.1). Unfortunately, this update may require some testing by your development team, as it affects how webview2 content is rendered.
  • CVE-2022-30138: Windows Print Spooler Elevation of Privilege Vulnerability. This is an informational change only. No further action is required.

Mitigations and workarounds

For May, Microsoft has published one mitigation for a serious Windows network file system vulnerability:

  • CVE-2022-26937: Windows Network File System Remote Code Execution Vulnerability. You can mitigate an attack by disabling NFSV2 and NFSV3. The following PowerShell command will disable those versions: "PS C:\> Set-NfsServerConfiguration -EnableNFSV2 $false -EnableNFSV3 $false". Once done, you will need to restart your NFS server (or preferably reboot the machine). To confirm that the NFS server has been updated correctly, use the PowerShell command "PS C:\> Get-NfsServerConfiguration".
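
The mitigation steps above as a single audit-then-apply script, added here as an example and not taken from the original article or from Microsoft. It assumes the object returned by Get-NfsServerConfiguration exposes EnableNFSV2, EnableNFSV3 and EnableNFSV4 properties matching the cmdlet's parameters, and it restarts the service with nfsadmin; the -Apply switch and the function name are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: audit or apply the NFSv2/NFSv3 mitigation for CVE-2022-26937.
# Run on the Windows NFS server itself. Without -Apply it only reports state.
param([switch]$Apply)

function Get-NfsVersionState {
    # Reduce the server configuration to the protocol-version switches.
    $cfg = Get-NfsServerConfiguration
    [pscustomobject]@{
        Server = $env:COMPUTERNAME
        NFSv2  = [bool]$cfg.EnableNFSV2
        NFSv3  = [bool]$cfg.EnableNFSV3
        NFSv4  = [bool]$cfg.EnableNFSV4
    }
}

$before = Get-NfsVersionState
$before | Format-List

if (-not ($before.NFSv2 -or $before.NFSv3)) {
    'NFSv2 and NFSv3 are already disabled; nothing to do.'
    return
}
if (-not $Apply) {
    Write-Warning 'NFSv2/NFSv3 are enabled. Re-run with -Apply to disable them.'
    return
}
if (-not $before.NFSv4) {
    # With v4.1 off as well, disabling v2/v3 leaves clients no protocol to use.
    Write-Warning 'NFSv4.1 is not enabled; all NFS clients will lose access.'
}

Set-NfsServerConfiguration -EnableNFSV2 $false -EnableNFSV3 $false

# The change only takes effect once the NFS server has been restarted.
nfsadmin server stop
nfsadmin server start

# Verify from the live configuration rather than trusting the Set call.
$after = Get-NfsVersionState
if ($after.NFSv2 -or $after.NFSv3) {
    throw 'Mitigation NOT in effect: NFSv2 or NFSv3 is still enabled.'
}
'Mitigation verified: NFSv2 and NFSv3 are disabled.'
```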

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following groupings:

  • Browsers (Microsoft IE and Edge);
  • Microsoft Windows (both desktop and server);
  • Microsoft Office;
  • Microsoft Exchange;
  • Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core);
  • Adobe (retired???, maybe next year).

Browsers

Microsoft has not released any updates to either its legacy (IE) or Chromium (Edge) browsers this month. We are seeing a downward trend in the number of critical issues that have plagued Microsoft for the past decade. My feeling is that moving to the Chromium project has been a definite "super plus-plus win-win" for both the development team and users.

Speaking of legacy browsers, we need to prepare for the retirement of IE coming in the middle of June. By "prepare" I mean celebrate, after, of course, we have verified that legacy apps have no dependencies on the old IE rendering engine. Please add "Celebrate the retirement of IE" to your browser deployment schedule. Your users will understand.

Windows

The Windows platform received 56 critical updates this month and XNUMX patches rated important. Unfortunately, we have three zero-day exploits, too:

  • CVE-2022-22713: This disclosed vulnerability in Microsoft's Hyper-V virtualization platform requires an attacker to successfully exploit an internal race condition to cause a potential denial of service. It is a serious vulnerability, but it requires chaining several vulnerabilities to succeed.
  • CVE-2022-26925: Both publicly disclosed and reported as exploited in the wild, this LSA authentication issue is a real concern. It will be easy to patch, but the testing profile is large, making it difficult to deploy quickly. In addition to testing your authentication, ensure that backup (and restore) functions work as expected. We recommend checking the latest Microsoft support notes on this ongoing issue.
  • CVE-2022-29972: This publicly disclosed issue in the Redshift ODBC driver is pretty specific to Synapse applications. But if you have exposure to any of the Azure Synapse RBAC roles, deploying this update is a top priority.

In addition to these zero-day issues, there are three other issues that require your attention:

  • CVE-2022-26923: This vulnerability in Active Directory authentication is not "wormable", but it is so easy to exploit that I would not be surprised to see it actively attacked soon. Once compromised, this vulnerability will provide access to your entire domain. The stakes are high with this one.
  • CVE-2022-26937: This Network File System bug has a rating of 9.8, one of the highest reported this year. NFS is not enabled by default, but if you have Linux or Unix on your network, you are likely using it. Patch this issue, but we also recommend upgrading to NFSv4.1 as soon as possible.
  • CVE-2022-30138: This patch was released after Patch Tuesday. This printing issue affects only older systems (Windows 8 and Server 2012) but will require significant testing before deployment. It is not a critical security issue, but the potential for printer-based problems is large. Take your time before deploying this one.

Given the number of serious exploits and the three zero-days in May, add this month's Windows update to your "Patch Now" schedule.

Microsoft Office

Microsoft released four updates for the Microsoft Office platform (Excel, SharePoint), all of which are rated important. All these updates are difficult to exploit (requiring both user interaction and local access to the target system) and affect only 32-bit platforms. Add these low-profile, low-risk Office updates to your standard release schedule.

Microsoft Exchange Server

Microsoft released a single update to Exchange Server (CVE-2022-21978) that is rated important and appears difficult to exploit. This elevation-of-privilege vulnerability requires authenticated access to the server, and so far there have been no reports of public disclosure or exploitation in the wild.

More importantly this month, Microsoft introduced a new method for updating Microsoft Exchange servers that now includes:

  • Windows Installer patch file (.MSP), which works best for automated installations.
  • Self-extracting, auto-elevating installer (.exe), which works best for manual installations.

This is an attempt to solve the problem of Exchange admins updating their servers in a non-admin context, resulting in a bad server state. The new EXE format allows for command-line installations and better installation. Microsoft has helpfully published the following EXE command-line example:

"Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareAllDomains"

Note that Microsoft wants you to have the %Temp% environment variable set before using the new EXE installation format. If you follow the new method of using the EXE to update Exchange, remember that you will still have to (separately) deploy the monthly SSU update to ensure your servers are up to date. Add this update (or EXE) to your standard release schedule, ensuring that a full reboot is performed when all updates are completed.

Microsoft development platforms

Microsoft has released five updates rated important and one patch with a low rating. All of these patches affect Visual Studio and the .NET framework. As you will be updating your Visual Studio instances to address these issues, we recommend that you read the Visual Studio April update guide.

To find out more about the specific issues addressed from a security perspective, the May 2022 .NET update blog post will be useful. Note that .NET 5.0 has now reached end of support, and before you upgrade to .NET 7 it may be worth checking some of the compatibility or "breaking changes" that need to be addressed. Add these medium-risk updates to your standard update schedule.

Adobe (just Reader)

I thought that we might be seeing a trend. There are no Adobe Reader updates this month. That said, Adobe has released a number of updates to other products, found here: PIB 22-21. Let's see what happens in June; maybe we can retire both Adobe Reader and IE.

Copyright © 2022 IDG Communications, Inc.
