Tuesday, 11 January 2022

Microsoft’s Security Update Fixes 96 Flaws, Including 6 Zero-Day

WebProNews
Microsoft’s Security Update Fixes 96 Flaws, Including 6 Zero-Day

Microsoft’s latest Patch Tuesday includes fixes for 96 security vulnerabilities, including six that are zero-day.

The latest patch covers a slew of Microsoft products, including the .Net Framework, Microsoft Dynamics, Microsoft Exchange, Office, Windows Defender, Remote Desktop, and more.

The zero-day vulnerabilities include the following:

  • CVE-2021-22947: Open Source Curl Remote Code Execution Vulnerability
  • CVE-2021-36976: Libarchive Remote Code Execution Vulnerability
  • CVE-2022-21874: Windows Security Center API Remote Code Execution Vulnerability
  • CVE-2022-21919: Windows User Profile Service Elevation of Privilege Vulnerability
  • CVE-2022-21839: Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability
  • CVE-2022-21836: Windows Certificate Spoofing Vulnerability

Fortunately, Microsoft has no indication the above vulnerabilities are currently being exploited.

Microsoft’s Security Update Fixes 96 Flaws, Including 6 Zero-Day
Staff



from WebProNews https://ift.tt/3A2j3k5

No comments:

Post a Comment