Microsoft fixes 71 CVEs this month, with three rated as Critical

It’s that time of the month again, and everyone is looking towards Microsoft, in hopes that some of the flaws they’ve been struggling with will finally get fixed.

We’ve already provided the direct download links for the cumulative updates released today for Windows 10 and 11, but now it’s time to talk about Critical Vulnerabilities and Exposures again.

In terms of heft, this month’s release coincides with Merch releases from previous years, which are usually around 60-70 CVEs.

Let’s dive right into it and see what vulnerabilities are completely gone from our lives, now that these patches are live.

Three critical bugs dealt with this month

For the third month of 2022, Microsoft released 71 new patches. This is in addition to the 21 CVEs patched by Microsoft Edge (Chromium-based) earlier this month, which brings the March total to 92 CVEs.

So, the 71 new patches that became available today address CVEs in:

• .NET and Visual Studio
• Azure Site Recovery
• Microsoft Defender for Endpoint
• Microsoft Defender for IoT
• Microsoft Edge (Chromium-based)
• Microsoft Exchange Server
• Microsoft Intune
• Microsoft Office Visio
• Microsoft Office Word
• Microsoft Windows ALPC
• Microsoft Windows Codecs Library
• Paint 3D
• Role: Windows Hyper-V
• Skype Extension for Chrome
• Tablet Windows User Interface
• Visual Studio Code
• Windows Ancillary Function Driver for WinSock
• Windows CD-ROM Driver
• Windows Cloud Files Mini Filter Driver
• Windows COM
• Windows Common Log File System Driver
• Windows DWM Core Library
• Windows Event Tracing
• Windows Fastfat Driver
• Windows Fax and Scan Service
• Windows HTML Platform
• Windows Installer
• Windows Kernel
• Windows Media
• Windows PDEV
• Windows Point-to-Point Tunneling Protocol
• Windows Print Spooler Components
• Windows Remote Desktop
• Windows Security Support Provider Interface
• Windows SMB Server
• Windows Update Stack
• XBox

What’s also important to mention is that, out of the 71 CVEs released today, three are rated Critical and 68 are rated Important in severity.

The number of Critical-rated patches is again strangely low for this number of bugs, according to experts and some of the more tech-savvy users.

Furthermore, it is still uncertain if this low percentage of bugs is just a coincidence or if Microsoft might be evaluating the severity using different calculus than in the past.

Keep in mind that none of the bugs is listed as under active exploit this month, while three are listed as publicly known at the time of release.

These are all the CVEs addressed with this month’s Patch Tuesday release. Overall, this was a pretty hefty but secure month, compared to previous situations.

The next Patch Tuesday batch of software will come on April 12 and we’re all curious to see what Microsoft comes up with until then.

Let’s all hope that we won’t have to deal with critical problems, and that’s it will only be smooth sailing from now on.

Was this article helpful to you? Share your opinion in the comments section below.