Security News > 2022 > December > Microsoft December 2022 Patch Tuesday fixes 2 zero-days, 49 flaws
Today is Microsoft's December 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities, including an actively exploited bug, and a total of 49 flaws.
Six of the 49 vulnerabilities fixed in today's update are classified as 'Critical' as they allow remote code execution, one of the most severe types of vulnerabilities.
The above counts do not include twenty-five Microsoft Edge vulnerabilities previously fixed on December 5th. For information about the non-security Windows updates, you can read today's articles on the Windows 10 KB5021233 and KB5021237 updates and the Windows 11 KB5021255 and KB5021234 updates.
This month's Patch Tuesday fixes two zero-day vulnerabilities, one actively exploited and the other publicly disclosed.
Below is the complete list of resolved vulnerabilities and released advisories in the December 2022 Patch Tuesday updates.
Microsoft October 2022 Patch Tuesday fixes zero-day used in attacks, 84 flaws.
News URL
Related news
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- April's Patch Tuesday leaves unlucky Windows Hello users unable to login (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)