Skip to main content

Microsoft Monthly Security Update (January 2022)

Last Update Date: 19 Jan 2022 Release Date: 12 Jan 2022 5357 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotes
WindowsHigh Risk High RiskElevation of Privilege
Remote Code Execution
Denial of Service
Information Disclosure
Spoofing
Security Restriction Bypass
  • Proof of concept exploit code is publicly available for CVE-2022-21907
Extended Security Updates (ESU)Medium Risk Medium RiskElevation of Privilege
Information Disclosure
Spoofing
Denial of Service
Remote Code Execution
Security Restriction Bypass
 
Microsoft DynamicsLow Risk Low RiskSpoofing 
Microsoft OfficeMedium Risk Medium RiskRemote Code Execution 
Developer ToolsMedium Risk Medium RiskDenial of Service 
Exchange ServerMedium Risk Medium RiskRemote Code Execution 
BrowserMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
 

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': High Risk

 

[Updated on 2022-01-19] 

  • Proof of concept exploit code is publicly available for CVE-2022-21907, 'Risk Level' has been raised to High Risk.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing

System / Technologies affected

  • Windows
  • Extended Security Updates (ESU)
  • Microsoft Dynamics
  • Microsoft Office
  • Developer Tools
  • Exchange Server
  • Browser

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  •  Apply fixes issued by the vendor.

Vulnerability Identifier


Source


Related Link