=================================================================== CERT-Renater
Note d'Information No. 2022/VULN244
_____________________________________________________________________
DATE : 13/07/2022
HARDWARE PLATFORM(S): /
OPERATING SYSTEM(S): Systems running Azure Site Recovery,
Branche de processeur AMD, Bibliothèque de stockage Azure,
Microsoft Defender pour point de terminaison,
Microsoft Edge (basé sur Chromium), Composant Microsoft Graphics,
Microsoft Office,Logiciels open source
Rôle : Serveur DNS, Rôle : Service Télécopie de Windows,
Rôle : Windows Hyper-V, Skype Entreprise et Microsoft Lync,
Windows Active Directory,
Appel de procédure locale avancé de Windows,
Windows BitLocker, Gestionnaire de démarrage Windows,
Sous-système d’exécution client/serveur de Windows,
Service de plateforme des appareils connectés Windows,
Windows Credential Guard, Pilote FAT rapide de Windows,
Service Télécopie et numérisation Windows,
Stratégie de groupe Windows, Windows IIS
Noyau Windows, Windows Media,
Système de gestion de fichiers en réseau de Windows,
Compteurs de performance Windows
Protocole PPTP (Point-to-Point Tunneling Protocol) de Windows
Service Énumérateur d’appareil mobile de Windows,
Composants du spouleur d’impression Windows,
Runtime d’appel de procédure distante Windows,
Gestionnaire de comptes de sécurité Windows,
Service Serveur Windows, Windows Shell, Windows Storage,
Xbox.
====================================================================https://msrc.microsoft.com/update-guide/
_____________________________________________________________________
********************************************************************
Microsoft Security Update Summary for July 12, 2022
Issued: July 12, 2022
********************************************************************
This summary lists security updates released for July 12, 2022.
Complete information for the July 2022 security update release
Can be found at .
IMPORTANT ANNOUNCEMENT: In the coming months we will be moving to
a new, more user-friendly and flexible system for delivering
Microsoft Technical Security Notifications. See Coming Soon: New
Security Update Guide Notification System for information about
how you can sign up for and receive these Technical
Security Notifications.
Please note the following information regarding the security
updates:
* Windows 10 updates are cumulative. The monthly security release
includes all security fixes for vulnerabilities that affect
Windows 10, in addition to non-security updates. The updates are
available via the Microsoft Update Catalog:
https://catalog.update.microsoft.com/v7/site/Home.aspx.
* For information on lifecycle and support dates for Windows 10
operating systems, please see the Windows Lifecycle Facts Sheet:
https://support.microsoft.com/en-us/help/13853/windows-
lifecycle-fact-sheet).
* A list of the latest servicing stack updates for each operating
system can be found in ADV990001:
https://msrc.microsoft.com/update-guide/vulnerability/ADV990001.
This list will be updated whenever a new servicing stack update
is released. It is important to install the latest servicing
stack update.
* In addition to security changes for the vulnerabilities,
updates include defense-in-depth updates to help improve
security-related features.
* Customers running Windows 7, Windows Server 2008 R2, or
Windows Server 2008 need to purchase the Extended Security Update
to continue receiving security updates. See
https://support.microsoft.com/en-us/help/4522133/procedure-to-
continue-receiving-security-updates for more information.
* There is a change coming with regards to Servicing Stack
Updates. Please see Simplifying SSUs for more information.
Critical Security Updates
==========================Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
Remote Desktop client for Windows Desktop
Important Security Updates
==========================Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Lync Server 2013 CU10
Skype for Business Server 2015 CU12
Skype for Business Server 2019 CU6
Azure Site Recovery VMWare to Azure
Azure Storage Blobs client library for Python
Microsoft Defender for Endpoint for Linux
Azure Storage Blobs client library for .NET
Azure Storage Blobs client library for Java
Azure Storage Queues client library for .NET
Azure Storage Queues client library for Python
Other Information
Recognize and avoid fraudulent email to Microsoft customers:
============================================================If you receive an email message that claims to be
distributing a Microsoft security update, it is a hoax that
may contain malware or pointers to malicious websites. Microsoft
does not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to
digitally sign all security notifications. However, PGP is not
required for reading security notifications, reading security
information, or installing security updates. You can obtain the
MSRC public PGP key at
.
********************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION
IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED,
INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE
BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF
LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE
FOREGOING LIMITATION MAY NOT APPLY.
Microsoft respects your privacy. Please read our online
Privacy Statement at
.
If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to unsubscribe:
.
These settings will not affect any newsletters you've requested
or any mandatory service communications that are considered part
of certain Microsoft services.
For legal Information, see:
.
This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
_____________________________________________________________________
**************************************************************************************
Title: Microsoft Security Advisory Notification
Issued: July 12, 2022
**************************************************************************************
Security Advisory Released on July 12, 2022
====================================================================================* ADV990001
- ADV990001 | Latest Servicing Stack Updates
- https://msrc.microsoft.com/update-guide/vulnerability/ADV990001
- Reason for Revision: Information published.
- Originally posted: July 12, 2022
- Updated: N/A
- Version: 47.0
====================================================================================Other Information
===============Recognize and avoid fraudulent email to Microsoft customers:
=====================================================================================If you receive an email message that claims to be distributing a
Microsoft security update, it is a hoax that may contain malware
or pointers to malicious websites.
Microsoft does not distribute security updates via email.
The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP
key at .
**************************************************************************************
THE INFORMATION PROVIDED IN THIS MICROSOFT COMMUNICATION IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS
BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION
MAY NOT APPLY.
**************************************************************************************
IMPORTANT ANNOUNCEMENT: In the coming months we will be moving
to a new, more user-friendly and flexible system for delivering
Microsoft Technical Security Notifications. Upcoming information
about how you can sign up for and receive these Technical Security
Notifications will be coming soon.
Microsoft respects your privacy. Please read our online Privacy
Statement at
.
If you would prefer not to receive future technical security
notification alerts by email from Microsoft and its family of
companies please visit the following website to
unsubscribe:
.
These settings will not affect any newsletters you've requested
or any mandatory service communications that are considered part
of certain Microsoft services.
For legal Information, see:
.
This newsletter was sent by:
Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052
========================================================+ CERT-RENATER | tel : 01-53-94-20-44 +
+ 23/25 Rue Daviel | fax : 01-53-94-20-41 +
+ 75013 Paris | email:cert@support.renater.fr +
=======================================================