Microsoft April 2022 Security Updates

Security 10756 Published 2022-04-13 06:41 by Philipp Esselbach

News

Microsoft has announced the security updates for April 2022.

April 2022 Security Updates

Updates this Month

This release consists of security updates for the following products, features and roles.

.NET Framework

Active Directory Domain Services

Azure SDK

Azure Site Recovery

LDAP - Lightweight Directory Access Protocol

Microsoft Bluetooth Driver

Microsoft Dynamics

Microsoft Edge (Chromium-based)

Microsoft Graphics Component

Microsoft Local Security Authority Server (lsasrv)

Microsoft Office Excel

Microsoft Office SharePoint

Microsoft Windows ALPC

Microsoft Windows Codecs Library

Microsoft Windows Media Foundation

Power BI

Role: DNS Server

Role: Windows Hyper-V

Skype for Business

Visual Studio

Visual Studio Code

Windows Ancillary Function Driver for WinSock

Windows App Store

Windows AppX Package Manager

Windows Cluster Client Failover

Windows Cluster Shared Volume (CSV)

Windows Common Log File System Driver

Windows Defender

Windows DWM Core Library

Windows Endpoint Configuration Manager

Windows Fax Compose Form

Windows Feedback Hub

Windows File Explorer

Windows File Server

Windows Installer

Windows iSCSI Target Service

Windows Kerberos

Windows Kernel

Windows Local Security Authority Subsystem Service

Windows Media

Windows Network File System

Windows PowerShell

Windows Print Spooler Components

Windows RDP

Windows Remote Procedure Call Runtime

Windows schannel

Windows SMB

Windows Telephony Server

Windows Upgrade Assistant

Windows User Profile Service

Windows Win32K

Windows Work Folder Service

YARP reverse proxy

Please note the following information regarding the security updates:

Security Update Guide Blog Posts

Date Blog Post

January 11, 2022 Coming Soon: New Security Update Guide Notification System

February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

December 8, 2020 Security Update Guide: Let’s keep the conversation going

November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

Relevant Information

The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.

Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.

A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.

FAQs, Mitigations, and Workarounds

The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.

CVE-2022-1125

CVE-2022-1127

CVE-2022-1128

CVE-2022-1129

CVE-2022-1130

CVE-2022-1131

CVE-2022-1133

CVE-2022-1134

CVE-2022-1135

CVE-2022-1136

CVE-2022-1137

CVE-2022-1138

CVE-2022-1139

CVE-2022-1143

CVE-2022-1145

CVE-2022-1146

CVE-2022-1232

CVE-2022-21983

CVE-2022-22008

CVE-2022-22009

CVE-2022-23257

CVE-2022-23259

CVE-2022-23268

CVE-2022-23292

CVE-2022-24472

CVE-2022-24473

CVE-2022-24475

CVE-2022-24482

CVE-2022-24483

CVE-2022-24485

CVE-2022-24487

CVE-2022-24490

CVE-2022-24491

CVE-2022-24492

CVE-2022-24493

CVE-2022-24495

CVE-2022-24497

CVE-2022-24498

CVE-2022-24500

CVE-2022-24523

CVE-2022-24527

CVE-2022-24528

CVE-2022-24532

CVE-2022-24533

CVE-2022-24534

CVE-2022-24536

CVE-2022-24537

CVE-2022-24539

CVE-2022-24540

CVE-2022-24541

CVE-2022-24543

CVE-2022-24545

CVE-2022-24765

CVE-2022-24767

CVE-2022-26783

CVE-2022-26785

CVE-2022-26807

CVE-2022-26808

CVE-2022-26809

CVE-2022-26811

CVE-2022-26812

CVE-2022-26813

CVE-2022-26814

CVE-2022-26815

CVE-2022-26816

CVE-2022-26817

CVE-2022-26818

CVE-2022-26819

CVE-2022-26820

CVE-2022-26821

CVE-2022-26822

CVE-2022-26823

CVE-2022-26824

CVE-2022-26825

CVE-2022-26826

CVE-2022-26827

CVE-2022-26828

CVE-2022-26829

CVE-2022-26830

CVE-2022-26891

CVE-2022-26894

CVE-2022-26895

CVE-2022-26896

CVE-2022-26897

CVE-2022-26898

CVE-2022-26900

CVE-2022-26901

CVE-2022-26903

CVE-2022-26904

CVE-2022-26907

CVE-2022-26908

CVE-2022-26909

CVE-2022-26910

CVE-2022-26911

CVE-2022-26912

CVE-2022-26916

CVE-2022-26917

CVE-2022-26918

CVE-2022-26919

CVE-2022-26920

CVE-2022-26924

Known Issues

You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.

For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

KB Article Applies To

5012591 Windows 10, version 1909

5012592 Windows 11

5012596 Windows 10, version 1607, Windows Server 2016

5012599 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2

5012604 Windows Server 2022

5012626 Windows 7, Windows Server 2008 R2 (Monthly Rollup)

5012632 Windows Server 2008 (Security-only update)

5012639 Windows 8.1, Windows Server 2012 R2 (Security-only update)

5012647 Windows 10, version 1809

5012649 Windows 7, Windows Server 2008 R2 (Security-only update)

5012650 Windows Server 2012 (Monthly Rollup)

5012653 Windows 10

5012658 Windows Server 2008 (Monthly Rollup)

5012666 Windows Server 2012 (Security-only update)

5012670 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

5002191 SharePoint Server Subscription Edition

Security Update Guide - Microsoft Security Response Center

Date	Blog Post
January 11, 2022	Coming Soon: New Security Update Guide Notification System
February 9, 2021	Continuing to Listen: Good News about the Security Update Guide API
January 13, 2021	Security Update Guide Supports CVEs Assigned by Industry Partners
December 8, 2020	Security Update Guide: Let’s keep the conversation going
November 9, 2020	Vulnerability Descriptions in the New Version of the Security Update Guide

KB Article	Applies To
5012591	Windows 10, version 1909
5012592	Windows 11
5012596	Windows 10, version 1607, Windows Server 2016
5012599	Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2
5012604	Windows Server 2022
5012626	Windows 7, Windows Server 2008 R2 (Monthly Rollup)
5012632	Windows Server 2008 (Security-only update)
5012639	Windows 8.1, Windows Server 2012 R2 (Security-only update)
5012647	Windows 10, version 1809
5012649	Windows 7, Windows Server 2008 R2 (Security-only update)
5012650	Windows Server 2012 (Monthly Rollup)
5012653	Windows 10
5012658	Windows Server 2008 (Monthly Rollup)
5012666	Windows Server 2012 (Security-only update)
5012670	Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
5002191	SharePoint Server Subscription Edition

Driver Booster 9.3.0.200 released

Linux Kernel 5.17.3 released

Microsoft April 2022 Security Updates

April 2022 Security Updates

Updates this Month

Security Update Guide Blog Posts

Relevant Information

FAQs, Mitigations, and Workarounds

Known Issues

Windows

Linux

macOS

Community