Security News > 2022 > March > Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms

It's worth pointing out that Microsoft separately addressed 21 flaws in the Chromium-based Microsoft Edge browser earlier this month.

All the three critical vulnerabilities remediated this month are remote code execution flaws impacting HEVC Video Extensions, Microsoft Exchange Server, and VP9 Video Extensions.

The Microsoft Exchange Server vulnerability, which was reported by researcher Markus Wulftange, is also noteworthy for the fact that it requires the attacker to be authenticated to be able to exploit the server.

Other defects of significance are a number of remote code execution flaws in Windows SMBv3 Client/Server, Microsoft Office, and Paint 3D, as well as privilege escalation flaws in Xbox Live Auth Manager, Microsoft Defender for IoT, and Azure Site Recovery.

In all, the patches close out 29 remote code execution vulnerabilities, 25 elevation of privilege vulnerabilities, six information disclosure vulnerabilities, four denial-of-service vulnerabilities, three security feature bypass vulnerabilities, three spoofing vulnerabilities, and one tampering vulnerability.

In addition to Microsoft, security updates have also been released by other vendors to rectify several vulnerabilities, counting -.

News URL

https://thehackernews.com/2022/03/critical-security-patches-issued-by.html