QID 91936

Date Published: 2022-08-10

QID 91936: Microsoft Azure Stack Hub Security Updates for August 2022

Azure Stack Hub is an extension of Azure that provides a way to run apps in an on-premises environment and deliver Azure services in your datacenter.

A complete Qualys vulnerability scan report for Microsoft Azure Stack Hub can be obtained at Azure Stack Vulnerability Scan Report.

QID Detection Logic (Authenticated):
This QID checks for the file version of ntoskrnl.exe, if this file version is less than 10.0.17763.10935, it is considered as vulnerable.

Successful exploitation of these vulnerabilities might allow an attacker to perform Information Disclosure, Elevation of Privileges, Security Feature Bypass, Remote Code Execution, and Denial of Service attacks.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as Critical - 10 severity.
  • Solution
    Customers are encouraged to connect with Microsoft for obtaining more information about patches and upcoming releases.

    Software Advisories
    Advisory ID Software Component Link
    Azure Stack Hub URL Logo docs.microsoft.com/en-us/azure-stack/operator/azure-stack-apply-updates?view=azs-2108