Skip to main content
Customer Support Customer Support

Microsoft Security Update Revisions Issued: March 8, 2022

  • March 8, 2022
  • 0 replies
  • 3 views
TripleHelix
Moderator
Forum|alt.badge.img+63

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

 

************************************************************************************

Title: Microsoft Security Update Revisions

Issued: March 8, 2022

************************************************************************************

 

Summary

=======

 

The following CVEs have undergone revision increments.

====================================================================================

 

* CVE-2021-3711

* CVE-2021-36927

* CVE-2022-21957

 

 

 

 - CVE-2021-3711 | OpenSSL: CVE-2021-3711 SM2 Decryption Buffer Overflow

 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-3711

 - Version: 2.0

 - Reason for Revision: Added Visual Studio 2022 version 17.0 and Visual Studio 2022

   version 17.1 to the Security Updates table as these versions of Visual Studio are

   affected by this vulnerability. Customers running either version of Visual Studio

   2022 should install the March 2022 security updates to be protected from this

   vulnerability.

 - Originally posted: November 9, 2021

 - Updated: March 8, 2022

 - Aggregate CVE Severity Rating: Critical

 

 - CVE-2021-36927 | Windows Digital TV Tuner device registration application

   Elevation of Privilege Vulnerability

 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36927

 - Version: 1.1

 - Reason for Revision: To comprehensively address CVE-2021-36927, Microsoft has

   released March 2022 security updates for all affected versions of Microsoft Windows.

   Microsoft strongly recommends that customers install the updates to be fully

   protected from the vulnerability. Customers whose systems are configured to

   receive automatic updates do not need to take any further action.

 - Originally posted: August 10, 2021

 - Updated: March 8, 2022

 - Aggregate CVE Severity Rating: Important

 

 - CVE-2022-21957 | Microsoft Dynamics 365 (on-premises) Remote Code Execution

   Vulnerability

 - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21957

 - Version: 1.1

 - Reason for Revision: Added FAQ to explain that the security updates for

   Microsoft Dynamics 365 (on-premises) version 8.2 and Microsoft Dynamics 365

   (on-premises) version 9.1 are not immediately available, and that customers will

   be notified via a revision to the CVE when the updates are available.

 - Originally posted: February 8, 2022

 - Updated: March 8, 2022

 - Aggregate CVE Severity Rating: Important

 

 

Other Information

=================

 

Recognize and avoid fraudulent email to Microsoft customers:

=============================================================

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.

 

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Windows 11 Pro x64 for Workstations on my Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Samsung Galaxy A16 5G OS 16.
Jasper_The_Rasper
Ssherjj
TripleHelix

Terms & ConditionsAccessibility statement