Security News > 2022 > January > Microsoft starts 2022 with big bundle fixes for 96 security bugs in its software
For its first Patch Tuesday of 2022, Redmond has bestowed 96 new CVEs affecting its Windows products.
If you include 24 Chromium CVEs published earlier this month and now addressed in Microsoft's Edge browser, in addition to two CVEs in open source projects, you get 122 fixes that need to be applied.
Of the 96 Windows CVEs and the two open source fixes, nine are rated Critical and 89 are rated Important.
Dustin Childs, with the Zero Day Initiative, calls attention to yet another Microsoft Exchange critical remote code execution flaw, which like several recent Exchange bugs has been flagged by.
Security biz CyberArk believes some attention should be paid to the vulnerability, rated Important, in Windows Remote Desktop Services that the company discovered and disclosed to Microsoft.
Alongside its patch notifications, Microsoft said it is revising how it shares information through its Security Update Guide.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/01/12/january_patch_tuesday/
Related news
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Microsoft: January Windows security updates break audio playback (source)
- Microsoft shares workaround for Windows security update issues (source)