This week Microsoft released the first Patch of the year with updates addressing nearly 100 security vulnerabilities, including six zero-day vulnerabilities. In detail, the vulnerabilities are classified as follows:
- 41 are EoP (Elevation of Privilege);
- 9 are of bypass of security functions;
- 29 are of the RCE (Remote Code Execution) type;
- 6 are ID (Information Disclosure);
- 9 of Denial of Service type;
- 3 of spoofing type.
The updates in the mentioned update affect a wide range of Microsoft products, including:
Windows and several operating system components;
Microsoft Edge (based on Chromium):
- Exchange Server;
- Microsoft Office;
- SharePoint Server;
- .NET Framework;
- Microsoft Dynamics;
- Open-Source Software;
- Windows Hyper-V;
- Windows Defender;
- Windows Remote Desktop Protocol (RDP).