Security News > 2022 > March > Microsoft March 2022 Patch Tuesday fixes 71 flaws, 3 zero-days
Today is Microsoft's March 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 71 flaws.
Microsoft has fixed 71 vulnerabilities with today's update, with three classified as Critical as they allow remote code execution.
This month's Patch Tuesday includes fixes for three publicly disclosed zero-day vulnerabilities.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
While none of these vulnerabilities have been used in attacks, Microsoft states that there are public proof-of-concept exploits for CVE-2022-21990 and CVE-2022-24459.
Below is the complete list of resolved vulnerabilities and released advisories in the March 2022 Patch Tuesday updates.
News URL
Related news
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- April's Patch Tuesday leaves unlucky Windows Hello users unable to login (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-09 | CVE-2022-24459 | Unspecified vulnerability in Microsoft products Windows Fax and Scan Service Elevation of Privilege Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-21990 | Unspecified vulnerability in Microsoft products Remote Desktop Client Remote Code Execution Vulnerability | 0.0 |