Microsoft Patch Tuesday January 2022 - Summary











CVE Index for January 2022 Patch Tuesday Updates

Impact Component Type of update
CVE-2022-21846 Microsoft Exchange Server Remote Code Execution Security update
CVE-2022-21840 Microsoft Office Remote Code Execution Security update
CVE-2022-21917 Microsoft Windows Codecs Library Remote Code Execution Security update
CVE-2021-22947 Open Source Software Remote Code Execution Security update
CVE-2022-21857 Windows Active Directory Elevation of Privilege Security update
CVE-2022-21898 Windows DirectX Remote Code Execution Security update
CVE-2022-21912 Windows DirectX Remote Code Execution Security update
CVE-2022-21907 Windows HTTP Protocol Stack Remote Code Execution Security update
CVE-2022-21833 Windows Virtual Machine IDE Drive Elevation of Privilege Security update
Open Source Curl Remote Code Execution CVE-2021-22947
Libarchive Remote Code Execution CVE-2021-36976
Windows User Profile Service Elevation of Privilege CVE-2022-21919
Windows Certificate Spoofing CVE-2022-21836
Windows Event Tracing Discretionary Access Control List Denial of Service CVE-2022-21839
Windows Security Center API Remote Code Execution CVE-2022-21874
CVE-2021-22947 CVE-2021-36976 CVE-2022-0096 CVE-2022-0097 CVE-2022-0098 CVE-2022-0099 CVE-2022-0100
CVE-2022-0101 CVE-2022-0102 CVE-2022-0103 CVE-2022-0104 CVE-2022-0105 CVE-2022-0106 CVE-2022-0107
CVE-2022-0108 CVE-2022-0109 CVE-2022-0110 CVE-2022-0111 CVE-2022-0112 CVE-2022-0113 CVE-2022-0114
CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118 CVE-2022-0120 CVE-2022-21833 CVE-2022-21834
CVE-2022-21835 CVE-2022-21836 CVE-2022-21838 CVE-2022-21839 CVE-2022-21843 CVE-2022-21847 CVE-2022-21848
CVE-2022-21849 CVE-2022-21850 CVE-2022-21851 CVE-2022-21852 CVE-2022-21857 CVE-2022-21858 CVE-2022-21859
CVE-2022-21860 CVE-2022-21861 CVE-2022-21862 CVE-2022-21863 CVE-2022-21864 CVE-2022-21865 CVE-2022-21866
CVE-2022-21867 CVE-2022-21868 CVE-2022-21869 CVE-2022-21870 CVE-2022-21871 CVE-2022-21872 CVE-2022-21873
CVE-2022-21874 CVE-2022-21875 CVE-2022-21876 CVE-2022-21877 CVE-2022-21878 CVE-2022-21879 CVE-2022-21880
CVE-2022-21881 CVE-2022-21882 CVE-2022-21883 CVE-2022-21884 CVE-2022-21885 CVE-2022-21887 CVE-2022-21888
CVE-2022-21889 CVE-2022-21890 CVE-2022-21892 CVE-2022-21893 CVE-2022-21894 CVE-2022-21895 CVE-2022-21896
CVE-2022-21897 CVE-2022-21898 CVE-2022-21899 CVE-2022-21900 CVE-2022-21901 CVE-2022-21902 CVE-2022-21903
CVE-2022-21904 CVE-2022-21905 CVE-2022-21906 CVE-2022-21907 CVE-2022-21908 CVE-2022-21910 CVE-2022-21912
CVE-2022-21913 CVE-2022-21914 CVE-2022-21915 CVE-2022-21893 CVE-2022-21917 CVE-2022-21918 CVE-2022-21919
CVE-2022-21920 CVE-2022-21921 CVE-2022-21922 CVE-2022-21924 CVE-2022-21925 CVE-2022-21928 CVE-2022-21929
CVE-2022-21930 CVE-2022-21931 CVE-2022-21954 CVE-2022-21958 CVE-2022-21959 CVE-2022-21960 CVE-2022-21961
CVE-2022-21962 CVE-2022-21963 CVE-2022-21964 CVE-2022-21970

No patches released for Visual Studio this month

Previous Patch Tuesday Updates and Fixes

7 essential vulnerability management questions answered

Microsoft Windows Patch Tuesday - Overview

What is Patch Tuesday?

Patch Tuesday, the colloquial term for Microsoft's Update Tuesday that falls on second Tuesday of every month. That is when Microsoft rolls out patch updates to improve security of Microsoft applications. Coinciding with the Patch Tuesday it is also a general trend for the roll out of patch updates for other third party applications that include Adobe and Mozilla, among many others.

When is Patch Tuesday?

The upcoming Patch Tuesday falls on February 8, 2022.

What is patching and why is it important?

Patches are nothing but pieces of software code that are written to fix a bug in a software application, that might lead to a vulnerability. Such vulnerabilities in any application are loop holes for attackers to get their hands on business critical data and information. So it is highly crucial to keep all the applications in a network updated to its latest versions. Updating applications in mobile phones and laptops also work in the same manner by preventing theft of personal data, through security flaws.

What kind of patch updates are released during Patch Tuesday?

Predominantly security patch updates of varying severity like Critical, Important, Moderate & Low are labeled and released. It is always a best practice to prioritize your patching based on the severity level mentioned.

What are CVE IDs?

CVE ID - Common Vulnerabilities and Exposure ID is a format in which each vulnerability is disclosed and cataloged in the National Vulnerability Database (NVD). You can look up for a detailed explanation of each vulnerability in the NVD with the help of CVE ID. In Patch Manager Plus you can make use of these CVE IDs to fetch the appropriate patches to deploy. You can find the CVE IDs here.

How to register for ManageEngine's Free Patch Tuesday webinar?

The upcoming Free Patch Tuesday webinar by ManageEngine is scheduled on -. You can make your registrations here

Where can I find more details about individual bulletins?

Each CVE ID listed in the CVE Index section has been linked to its security advisory.