Security News > 2022 > March > Microsoft March 2022 Patch Tuesday fixes 71 flaws, 3 zero-days
Today is Microsoft's March 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 71 flaws.
Microsoft has fixed 71 vulnerabilities with today's update, with three classified as Critical as they allow remote code execution.
This month's Patch Tuesday includes fixes for three publicly disclosed zero-day vulnerabilities.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
While none of these vulnerabilities have been used in attacks, Microsoft states that there are public proof-of-concept exploits for CVE-2022-21990 and CVE-2022-24459.
Below is the complete list of resolved vulnerabilities and released advisories in the March 2022 Patch Tuesday updates.
News URL
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-09 | CVE-2022-24459 | Unspecified vulnerability in Microsoft products Windows Fax and Scan Service Elevation of Privilege Vulnerability | 0.0 |
| 2022-03-09 | CVE-2022-21990 | Unspecified vulnerability in Microsoft products Remote Desktop Client Remote Code Execution Vulnerability | 0.0 |