Security News > 2022 > March > Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday

Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
2022-03-08 21:42

Microsoft has addressed 71 security vulnerabilities in its scheduled March Patch Tuesday update - only three of which are rated critical in severity.

Three of the bugs are listed as publicly known zero-days, but none of them are listed as having been exploited in the wild.

It's worth noting that the update marks the second month in a row with a surprisingly low number of critical patches; in fact, February's Patch Tuesday update didn't list any.

"It's unclear if this low percentage of bugs is just a coincidence, or if Microsoft might be evaluating the severity using different calculus than in the past."

Breen pointed out that the bug is one of three RCE bugs affecting RDP included in the advisory; the other two are CVE-2022-23285 and CVE-2022-24503.

Microsoft offered no technical details about the third publicly known bug.


News URL

https://threatpost.com/microsoft-zero-days-critical-bugsmarch-patch-tuesday/178817/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-03-09 CVE-2022-24503 Unspecified vulnerability in Microsoft products
Remote Desktop Protocol Client Information Disclosure Vulnerability 		0.0
0.0
2022-03-09 CVE-2022-23285 Unspecified vulnerability in Microsoft products
Remote Desktop Client Remote Code Execution Vulnerability 		0.0
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 381 51 1408 2904 175 4538