Security News > 2022 > January > Microsoft starts 2022 with big bundle fixes for 96 security bugs in its software
For its first Patch Tuesday of 2022, Redmond has bestowed 96 new CVEs affecting its Windows products.
If you include 24 Chromium CVEs published earlier this month and now addressed in Microsoft's Edge browser, in addition to two CVEs in open source projects, you get 122 fixes that need to be applied.
Of the 96 Windows CVEs and the two open source fixes, nine are rated Critical and 89 are rated Important.
Dustin Childs, with the Zero Day Initiative, calls attention to yet another Microsoft Exchange critical remote code execution flaw, which like several recent Exchange bugs has been flagged by.
Security biz CyberArk believes some attention should be paid to the vulnerability, rated Important, in Windows Remote Desktop Services that the company discovered and disclosed to Microsoft.
Alongside its patch notifications, Microsoft said it is revising how it shares information through its Security Update Guide.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/01/12/january_patch_tuesday/
Related news
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft disables BitLocker security fix, advises manual mitigation (source)
- Microsoft security tools questioned for treating employees as threats (source)
- Microsoft hosts a security summit but no press, public allowed (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)