-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
************************************************************************************
Title: Microsoft Security Update Revisions
Issued: March 25, 2022
************************************************************************************
Summary
=======
The following CVEs have undergone revision increments.
====================================================================================
* CVE-2021-36927
* CVE-2022-21957
* CVE-2022-23282
* CVE-2022-23300
- CVE-2021-36927 | Windows Digital TV Tuner device registration application Elevation
of Privilege Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36927
- Version: 2.1
- Reason for Revision: Affected software updated with new package information.
- Originally posted: August 10, 2021
- Updated: March 23, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-21957 | Microsoft Dynamics 365 (on-premises) Remote Code Execution
Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21957
- Version: 2.0
- Reason for Revision: The following revisions have been made to the Security
Updates table: 1) Microsoft is announcing the availability of the security updates
for Microsoft Dynamics 365 (on-premises) version 9.0 and Microsoft Dynamics 365
(on-premises) version 9.1. Customers running these versions of Microsoft Dynamics
365 (on-premises) should install the update for their product to be protected from
this vulnerability. See the Security Updates table for Download and Article links.
2) Removed Microsoft Dynamics 365 (on-premises) version 8.2 as it is not affected
by this vulnerability.
- Originally posted: February 8, 2022
- Updated: March 23, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-23282 | Paint 3D Remote Code Execution Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23282
- Version: 1.1
- Reason for Revision: Added an FAQ. This is an information change only.
- Originally posted: March 8, 2022
- Updated: March 23, 2022
- Aggregate CVE Severity Rating: Important
- CVE-2022-23300 | Raw Image Extension Remote Code Execution Vulnerability
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23300
- Version: 1.1
- Reason for Revision: Added platform designations to Security Updates table because
the version of the raw extension is different for Windows 10 operating systems
and Windows 11 operating systems. This is an informational change only.
- Originally posted: March 8, 2022
- Updated: March 24, 2022
- Aggregate CVE Severity Rating: Important
Other Information
=================
Recognize and avoid fraudulent email to Microsoft customers:
=============================================================
If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Microsoft does not distribute security updates via email.