Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB5012592
HistoryApr 12, 2022 - 8:00 a.m.

April 12, 2022—KB5012592 (OS Build 22000.613)

2022-04-1208:00:00
Microsoft
support.microsoft.com
39

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.0%

JSON

April 12, 2022—KB5012592 (OS Build 22000.613)

For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11 (original release), see its update history page.NoteFollow @WindowsUpdate to find out when new content is published to the Windows release health dashboard.

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

Highlights

  • Updates security for your Windows operating system.

Improvements

This security update includes improvements that were a part of update KB5011563 (released March 22, 2022) and also addresses the following issues:

  • This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
    If you installed earlier updates, only the new updates contained in this package will be downloaded and installed on your device.For more information about security vulnerabilities, please refer to the Security Update Guide website and the April 2022 Security Updates.

Windows 11 servicing stack update - 22000.581

This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

Known issues in this update

Applies to Symptom Workaround
IT admins After installing the Windows updates released January 11, 2022 or later Windows versions on an affected version of Windows, recovery discs (CD or DVD) created by using the Backup and Restore (Windows 7) app in Control Panel might be unable to start.Recovery discs that were created by using the Backup and Restore (Windows 7) app on devices which have installed Windows updates released before January 11, 2022 are not affected by this issue and should start as expected.NoteNo third-party backup or recovery apps are currently known to be affected by this issue This issue is addressed in KB5014019.

How to get this update

Before installing this updateMicrosoft combines the latest servicing stack update (SSU) for your operating system with the latest cumulative update (LCU). For general information about SSUs, see Servicing stack updates and Servicing Stack Updates (SSU): Frequently Asked Questions.Install this update****Release Channel Available Next Step
Windows Update and Microsoft Update Yes None. This update will be downloaded and installed automatically from Windows Update.
Windows Update for Business Yes None. This update will be downloaded and installed automatically from Windows Update in accordance with configured policies.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows 11Classification: Security Updates

If you want to remove the LCUTo remove the LCU after installing the combined SSU and LCU package, use the DISM/Remove-Package command line option with the LCU package name as the argument. You can find the package name by using this command:DISM /online /get-packages.Running Windows Update Standalone Installer (wusa.exe) with the**/uninstall **switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation.

File informationFor a list of the files that are provided in this update, download the file information for cumulative update 5012592. For a list of the files that are provided in the servicing stack update, download the file information for the SSU - version 22000.581.

Related

openvas 7
nessus 11
mskb 14
kaspersky 3
thn 2
threatpost 1
malwarebytes 1
qualysblog 1
avleonov 1
krebs 1
rapid7blog 1
akamaiblog 1
hivepro 2
prion 24
mscve 25
nvd 28
cvelist 29
cve 23
cnvd 9
zdi 2
checkpoint_advisories 5
vulnrichment 2
githubexploit 4
cisa_kev 1
attackerkb 1
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5012592)
2023-08-08 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5012653)
2022-04-13 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5012591)
2022-04-13 00:00:00
nessus
nessus
KB5012653: Windows 10 version 1507 LTS Security Update (April 2022)
2022-04-12 00:00:00
KB5012592: Windows 11 Security Update (April 2022)
2022-04-12 00:00:00
KB5012591: Windows 10 version 1909 / Windows Server 1909 Security Update (April 2022)
2022-04-12 00:00:00
mskb
mskb
April 12, 2022—KB5012591 (OS Build 18363.2212)
2022-04-12 08:00:00
April 12, 2022—KB5012653 (OS Build 10240.19265) - EXPIRED
2022-04-12 08:00:00
April 12, 2022—KB5012666 (Security-only update)
2022-04-12 08:00:00
kaspersky
kaspersky
KLA12509 Multiple vulnerabilities in Microsoft Products (ESU)
2022-04-12 00:00:00
KLA12502 Multiple vulnerabilities in Microsoft Windows
2022-04-12 00:00:00
KLA12503 Multiple vulnerabilities in Microsoft Windows
2022-04-05 00:00:00
thn
thn
Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities
2022-04-13 03:22:00
Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector
2022-10-26 08:13:00
threatpost
threatpost
Microsoft Zero-Days, Wormable Bugs Spark Concern
2022-04-12 20:00:54
malwarebytes
malwarebytes
April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities
2022-04-13 13:57:39
qualysblog
qualysblog
April 2022 Patch Tuesday: Microsoft Releases 145 Vulnerabilities with 10 Critical; Adobe Releases 4 Advisories, 78 Vulnerabilities with 51 Critical.
2022-04-12 20:07:30
avleonov
avleonov
Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics
2022-04-23 09:22:32
krebs
krebs
Microsoft Patch Tuesday, April 2022 Edition
2022-04-13 15:01:24
rapid7blog
rapid7blog
Patch Tuesday - April 2022
2022-04-12 18:48:11
akamaiblog
akamaiblog
Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime
2022-04-13 09:15:00
hivepro
hivepro
Microsoft Patch Tuesday April 2022 addressed two zero-day vulnerabilities
2022-04-14 05:08:02
Zero-day vulnerability leveraged to deploy Cuba Ransomware
2022-08-11 12:34:37
prion
prion
Denial of service
2022-04-15 19:15:00
Privilege escalation
2022-04-15 19:15:00
Privilege escalation
2022-04-15 19:15:00
mscve
mscve
Windows Print Spooler Elevation of Privilege Vulnerability
2022-04-12 08:00:00
Windows Common Log File System Driver Elevation of Privilege Vulnerability
2022-04-12 08:00:00
Windows Network File System Remote Code Execution Vulnerability
2022-04-12 08:00:00
nvd
nvd
CVE-2022-26789
2022-04-15 19:15:12
CVE-2022-24546
2022-04-15 19:15:11
CVE-2022-23257
2022-04-15 19:15:09
cvelist
cvelist
CVE-2022-24546 Windows DWM Core Library Elevation of Privilege Vulnerability
2022-04-15 19:04:09
CVE-2022-24545 Windows Kerberos Remote Code Execution Vulnerability
2022-04-15 19:04:07
CVE-2022-26786 Windows Print Spooler Elevation of Privilege Vulnerability
2022-04-15 19:04:22
cve
cve
CVE-2022-26914
2022-04-15 19:15:15
CVE-2022-26830
2022-04-15 19:15:14
CVE-2022-26786
2022-04-15 19:15:12
cnvd
cnvd
Microsoft Windows Kerberos Remote Code Execution Vulnerability
2022-04-15 00:00:00
Microsoft Windows Print Spooler Elevation of Privilege Vulnerability (CNVD-2022-62513)
2022-04-15 00:00:00
Microsoft Windows Direct Show Remote Code Execution Vulnerability
2022-04-15 00:00:00
zdi
zdi
Microsoft Windows win32kfull UMPDDrvNextBand Use-After-Free Local Privilege Escalation Vulnerability
2023-04-24 00:00:00
Microsoft Windows CreateObjectHandler Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
2022-05-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Network File System Remote Code Execution (CVE-2022-24497)
2022-04-12 00:00:00
Microsoft Windows Win32k Elevation of Privilege (CVE-2022-24542)
2022-04-12 00:00:00
Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2022-24546)
2022-04-12 00:00:00
vulnrichment
vulnrichment
CVE-2022-24495 Windows Direct Show - Remote Code Execution Vulnerability
2022-04-15 19:03:31
CVE-2022-24479 Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
2022-04-15 19:03:04
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2022-05-19 03:32:12
Exploit for CVE-2022-24500
2023-08-03 01:55:15
Exploit for Vulnerability in Microsoft
2022-07-17 11:25:12
cisa_kev
cisa_kev
Microsoft Windows CLFS Driver Privilege Escalation Vulnerability
2022-04-13 00:00:00
attackerkb
attackerkb
CVE-2022-24521
2022-04-15 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.0%

JSON
Related for KB5012592
openvas7nessus11mskb14kaspersky3thn2threatpost1malwarebytes1qualysblog1avleonov1krebs1rapid7blog1akamaiblog1hivepro2prion24mscve25nvd28cvelist29cve23cnvd9zdi2checkpoint_advisories5vulnrichment2githubexploit4cisa_kev1attackerkb1