Korean
<< Back
VID 26868
Severity 40
Port 139.445
Protocol TCP
Class SMB
Detailed Description Microsoft Security Update for June 2022 is not installed. The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities

- An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2022-30166, CVE-2022-30165, CVE-2022-30160 CVE-2022-30154, CVE-2022-30151, CVE-2022-30150, CVE-2022-30147, CVE-2022-30132, CVE-2022-30131)

- A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application. (CVE-2022-30164)

- A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-30163, CVE-2022-30161, CVE-2022-30153, CVE-2022-30149, CVE-2022-30146, CVE-2022-30145, CVE-2022-30143, CVE-2022-30142, CVE-2022-30141, CVE-2022-30140, CVE-2022-30139,CVE-2022-30190)

* References:
https://support.microsoft.com/en-us/help/4009469
https://support.microsoft.com/en-us/help/4009470
https://support.microsoft.com/en-us/help/4009471
https://support.microsoft.com/en-us/help/4000825

* Platforms Affected:
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows 10
Windows 11
Windows Server 2016
Windows Server 2019
Recommendation Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin June 2022 Microsoft security update at

https://support.microsoft.com/en-us/help/4009469
https://support.microsoft.com/en-us/help/4009470
https://support.microsoft.com/en-us/help/4009471
https://support.microsoft.com/en-us/help/4000825
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2022-30166,CVE-2022-30165,CVE-2022-30160,CVE-2022-30154,CVE-2022-30151,CVE-2022-30150,CVE-2022-301203,CVE-2022-301247,CVE-2022-30131 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)