Security News > 2022 > March > Microsoft March 2022 Patch Tuesday fixes 71 flaws, 3 zero-days
Today is Microsoft's March 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 71 flaws.
Microsoft has fixed 71 vulnerabilities with today's update, with three classified as Critical as they allow remote code execution.
This month's Patch Tuesday includes fixes for three publicly disclosed zero-day vulnerabilities.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
While none of these vulnerabilities have been used in attacks, Microsoft states that there are public proof-of-concept exploits for CVE-2022-21990 and CVE-2022-24459.
Below is the complete list of resolved vulnerabilities and released advisories in the March 2022 Patch Tuesday updates.
News URL
Related news
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-09 | CVE-2022-24459 | Unspecified vulnerability in Microsoft products Windows Fax and Scan Service Elevation of Privilege Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-21990 | Unspecified vulnerability in Microsoft products Remote Desktop Client Remote Code Execution Vulnerability | 0.0 |