NCA RECOMMENDED SECURITY PATCHES INSTALLATION NEEDED

shadi mohammad 1 Reputation point
2022-03-27T09:22:57.96+00:00

I received the following email and I need your advice:
Hello Everyone,

Please go through the NCA (National Cybersecurity Authority) concern for
vulnerabilities/attacks as stated below and install the needed patches
for the OM servers in KAMCJ data center and inform us once it’s done.

“NCA has observed the public release of information about critical
vulnerabilities:

• (CVE-2022-21990) affecting Microsoft Remote Desktop
(RDP) Client:

The vulnerability is a Remote Code execution in Remote Desktop Client.
The vulnerability can be exploited when a victim machine connects to an
attacker-controlled Remote Desktop Server, allowing the attacker to
execute arbitrary code on the victim’s machine.

o Affected Versions:

 Windows Server 2022

 Windows Server 2019

 Windows Server 2016

 Windows Server 2012

 Window Server 2008

 Windows Server Version 21H2

 Windows Server Version 20H2

 Windows 11

 Windows 10

 Windows 8

 Windows 7

 Remote Desktop Client for Windows Desktop

• (CVE-2022-23277) in Microsoft Exchange Server:

The vulnerability is a Remote Code Execution in Microsoft Exchange
Server. This vulnerability exists due to improper input validation. In
order to exploit this, an attacker would need to be authenticated to a
vulnerable Exchange server.

o Affected Versions:

 Microsoft Exchange Server 2019 Cumulative Update 11

 Microsoft Exchange Server 2016 Cumulative Update 22

 Microsoft Exchange Server 2019 Cumulative Update 10

 Microsoft Exchange Server 2016 Cumulative Update 21

 Microsoft Exchange Server 2013 Cumulative Update 23

• (CVE-2022-22005) in Microsoft SharePoint Server:

The vulnerability is a Remote Code Execution in Microsoft SharePoint
Server. This vulnerability allows remote attackers to execute arbitrary
code on affected installations SharePoint Server. Authentication is
required to exploit this vulnerability. It is worth noting that a
detailed write up explaining the vulnerability has been published.

o Affected Versions:

 Microsoft SharePoint Server 2019

 Microsoft SharePoint Server 2013 SP1

 Microsoft SharePoint Server 2016

 Microsoft SharePoint Server Subscription Edition

NCA urges organizations to apply updates as described in the Security
Advisory:

            CVE-2022-21990


https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990

            CVE-2022-23277


https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23277

            CVE-2022-22005


https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22005 [1]

VERY IMPORTANT NOTE: PLEASE TEST THE PATCHES BEFORE INSTALLATION
FOR ANY INTERRUPTION OR DELAY IN THE SERVICES. THE SERVER ALSO NEEDS
REBOOT AT THE END.

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,049 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,833 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.