Monthly Patch
January 2022 Monthly Patch Release
12 January 2022
Microsoft has released security patches to address multiple vulnerabilities in their software and products.
The vulnerabilities that have been classified as Critical in severity are listed in the table below.
For the full list of security patches released by Microsoft, please refer to
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2022-Jan
Critical vulnerabilities
CVE Number | CVE Name | Base Score | Reference |
|---|---|---|---|
CVE-2022-21907 | HTTP Protocol Stack Remote Code Execution Vulnerability | 9.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21907 |
CVE-2022-21846 | Microsoft Exchange Server Remote Code Execution Vulnerability | 9.0 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21846 |
CVE-2022-21840 | Microsoft Office Remote Code Execution Vulnerability | 8.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21840 |
CVE-2022-21857 | Active Directory Domain Services Elevation of Privilege Vulnerability | 8.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21857 |
CVE-2022-21833 | Virtual Machine IDE Drive Elevation of Privilege Vulnerability | 7.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21833 |
CVE-2022-21917 | HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21917 |
CVE-2022-21912 | DirectX Graphics Kernel Remote Code Execution Vulnerability | 7.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21912 |
CVE-2022-21898 | DirectX Graphics Kernel Remote Code Execution Vulnerability | 7.8 | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2022-21898 |
CVE-2021-22947 | Open Source Curl Remote Code Execution Vulnerability | TBD | https://msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2021-22947 |