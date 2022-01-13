Microsoft, in its first Patch Tuesday of 2022, fixed 96 vulnerabilities of the Windows 10 and Windows 11 operating systems, Microsoft Exchange Server, Office, RDP, cryptographic services and Microsoft Teams.

Elevation of privilege (EoP) bugs accounted for 42% of security vulnerabilities fixed this month, followed by remote code execution (RCE) flaws with a 30% share. The patch further updated spoofing issues and cross-site scripting (XSS) vulnerabilities.

Windows 11

Research shows high user rejection rate for the Windows version released in 2021. (Source: Pixabay/PabitraKaity/Reproduction)Source: Pixabay/PabitraKaity/Reproduction

Update KB5009566 is considered by Microsoft to be mandatory for Windows 11. The patch brings security updates, performance improvements and fixes for known vulnerabilities. The patch also features quality improvements to ensure that users’ devices can receive and install updates from Microsoft.

Windows 10

Microsoft will end support for Windows 10 in October 2025. (Source: Pixabay/PhotoMIX-Company/Reproduction)Source: Pixabay/PhotoMIX-Company/Reproduction

As for the Windows 10 update (KB5009585), the only highlight listed in the support bulletin concerns security updates. Among the vulnerabilities fixed in January, nine were rated “Critical”, meaning they could be exploited by attackers or malware to gain remote access to vulnerable Windows systems without any user assistance.

What is Patch Tuesday?

Patch Tuesday is the name given to Microsoft’s monthly security update release. It usually falls on the second Tuesday of each month, hence the name “Patch Tuesday”. The company releases these security updates to address vulnerabilities that have been discovered in its software products.

The update is highly anticipated by cybercriminals. It’s not uncommon for hackers to release malware right after Patch Tuesday in an effort to target unpatched systems and seize the window of opportunity before IT administrators install updates.