You can now update Windows 10: the first Patch Tuesday of 2022 arrives with almost 100 solutions to critical and important errors

0

Microsoft has launched its first Patch Tuesday of this new year 2022 with solutions for six publicly disclosed zero-day or zero-day vulnerabilities, although none of them have been actively exploited in attacks.

Redmond’s too fixes a total of 97 bugs in Windows, plus 29 vulnerabilities in your Microsoft Edge browser. Of the corrected bugs in their software, there were nine classified as critical and 88 as important.

How to install security patches and optional updates in Windows 10

Problems encountered that Microsoft fixed in this Patch Tuesday January they were classified like this:

41 Elevation of Privilege Vulnerabilities

9 Security Role Bypass Vulnerabilities

29 Remote Code Execution Vulnerabilities

6 Information disclosure vulnerabilities

9 Denial of service vulnerabilities

3 Impersonation vulnerabilities

‘Sgroogled.com’: When MICROSOFT Launched ANTI-GOOGLE Ads

What’s new for almost everything in Windows 10

Windows

The update arrives for different versions of Windows 10 and is associated with the KB5009543 patch. You can download it if you have Windows 10 May 2020 Update (2004), Windows 10 October 2020 Update (20H2), Windows 10 May 2021 Update (21H1) and Windows 10 November 2021 Update (21H2) on your computer.

In addition, Microsoft has also announced a revamped notification system for its Security Update Guide. Arrives with standard email addresses which are now accepted at registration instead of just Live IDs.

It should be remembered that at the beginning of this month the company released an emergency fix for a bug affecting Exchange servers. Specifically, the MS Exchange antispam and antimalware engine (FIP-FS, activated by default in the installations of that platform since its version 2013) suffered an error when processing the date from midnight on December 31, 2021, so millions of emails were paralyzed on the servers, without forwarding to their recipients.

What were the Zero-day vulnerabilities

Regarding zero-day vulnerabilities, although according to Microsoft none of them have been actively exploited in attacks, as they were made public, could be exploiteds. Son:

CVE-2021-22947 – Open Source Curl Remote Code Execution Vulnerability

CVE-2021-36976 – Libarchive Remote Code Execution Vulnerability

CVE-2022-21919 – Windows User Profile Service Elevation of Privilege vulnerability

CVE-2022-21836 – Windows Certificate Forgery Vulnerability

CVE-2022-21839 – Windows Discretionary Access Control List Denial of Service vulnerability

CVE-2022-21874 – Windows Security Center API Remote Code Execution Vulnerability

Both the vulnerability of Curl like Libarchive’s had already been fixed, but the fixes were added to Windows now with the patch.

LEAVE A REPLY

Please enter your comment!
Please enter your name here