NCA RECOMMENDED SECURITY PATCHES INSTALLATION NEEDED
I received the following email and I need your advice:
Hello Everyone,
Please go through the NCA (National Cybersecurity Authority) concern for
vulnerabilities/attacks as stated below and install the needed patches
for the OM servers in KAMCJ data center and inform us once it’s done.
“NCA has observed the public release of information about critical
vulnerabilities:
• (CVE-2022-21990) affecting Microsoft Remote Desktop
(RDP) Client:
The vulnerability is a Remote Code execution in Remote Desktop Client.
The vulnerability can be exploited when a victim machine connects to an
attacker-controlled Remote Desktop Server, allowing the attacker to
execute arbitrary code on the victim’s machine.
o Affected Versions:
Windows Server 2022
Windows Server 2019
Windows Server 2016
Windows Server 2012
Window Server 2008
Windows Server Version 21H2
Windows Server Version 20H2
Windows 11
Windows 10
Windows 8
Windows 7
Remote Desktop Client for Windows Desktop
• (CVE-2022-23277) in Microsoft Exchange Server:
The vulnerability is a Remote Code Execution in Microsoft Exchange
Server. This vulnerability exists due to improper input validation. In
order to exploit this, an attacker would need to be authenticated to a
vulnerable Exchange server.
o Affected Versions:
Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2013 Cumulative Update 23
• (CVE-2022-22005) in Microsoft SharePoint Server:
The vulnerability is a Remote Code Execution in Microsoft SharePoint
Server. This vulnerability allows remote attackers to execute arbitrary
code on affected installations SharePoint Server. Authentication is
required to exploit this vulnerability. It is worth noting that a
detailed write up explaining the vulnerability has been published.
o Affected Versions:
Microsoft SharePoint Server 2019
Microsoft SharePoint Server 2013 SP1
Microsoft SharePoint Server 2016
Microsoft SharePoint Server Subscription Edition
NCA urges organizations to apply updates as described in the Security
Advisory:
CVE-2022-21990
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990
CVE-2022-23277
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277
CVE-2022-22005
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22005 [1]
“
VERY IMPORTANT NOTE: PLEASE TEST THE PATCHES BEFORE INSTALLATION
FOR ANY INTERRUPTION OR DELAY IN THE SERVICES. THE SERVER ALSO NEEDS
REBOOT AT THE END.