- Microsoft will soon release its monthly Patch Tuesday updates today.
- In March, we say a total of 71 CVEs getting addressed with patches.
- Of course, we can expect updates for all supported versions of Windows.
- Stay tuned to find out what changes will Microsoft bring this month.
It’s April 12, and for those of you that like keeping your PC updated with the latest and greatest changes this means only one thing: Patch Tuesday is here!
Like all other Patch Tuesday updates since the beginning of the Windows OS, they are aimed at improving your PC’s performance by tweaking the system, fixing any errors, adding new features, and providing better security against digital threats.
That’s what everyone is expecting this month as well, and we will be looking over what might arrive this week.
What was last month’s Patch Tuesday all about?
The Redmond-based tech giant has been hard at work on security improvements in pretty much everything that has to do with software security.
This week, Microsoft announced an extensive set of security enhancements for Windows 11, providing protection for what they call chip to cloud.
Last month, the 71 new updates that were deployed during the Patch Tuesday rollout addressed CVEs in:
- .NET and Visual Studio
- Azure Site Recovery
- Microsoft Defender for Endpoint
- Microsoft Defender for IoT
- Microsoft Edge (Chromium-based)
- Microsoft Exchange Server
- Microsoft Intune
- Microsoft Office Visio
- Microsoft Office Word
- Microsoft Windows ALPC
- Microsoft Windows Codecs Library
- Paint 3D
- Role: Windows Hyper-V
- Skype Extension for Chrome
- Tablet Windows User Interface
- Visual Studio Code
- Windows Ancillary Function Driver for WinSock
- Windows CD-ROM Driver
- Windows Cloud Files Mini Filter Driver
- Windows COM
- Windows Common Log File System Driver
- Windows DWM Core Library
- Windows Event Tracing
- Windows Fastfat Driver
- Windows Fax and Scan Service
- Windows HTML Platform
- Windows Installer
- Windows Kernel
- Windows Media
- Windows PDEV
- Windows Point-to-Point Tunneling Protocol
- Windows Print Spooler Components
- Windows Remote Desktop
- Windows Security Support Provider Interface
- Windows SMB Server
- Windows Update Stack
What’s also important to mention is that, out of the 71 CVEs, three were rated Critical and 68 as Important in severity
What can we expect from this month’s Patch Tuesday rollout?
Experts consider that we should plan for more critical updates this month, surely uncovering some major vulnerabilities that have or have not been exploited yet.
Most likely, operating system updates will include the Extended Security Updates (ESUs) for Windows 7 and Server 2008.
This April’s Patch Tuesday will result in numerous improvements and fixes for issues associated with Microsoft’s Chromium-based Edge browser.
This includes fixes for Type Confusion in tV7, Heap Buffer Overflow in WebUI, Use-after-Free in Shopping Cart, Use-after-free in Tab Strip, and User-after-free in Extensions.
|CVE Number||Name of Vulnerability|
|CVE-2022-1125||Chromium: CVE-2022-1125 Use after free in Portals|
|CVE-2022-1127||Chromium: CVE-2022-1127 Use after free in QR Code Generator|
|CVE-2022-1128||Chromium: CVE-2022-1128 Inappropriate implementation in Web Share API|
|CVE-2022-1129||Chromium: CVE-2022-1129 Inappropriate implementation in Full-Screen Mode|
|CVE-2022-1130||Chromium: CVE-2022-1130 Insufficient validation of untrusted input in WebOTP|
|CVE-2022-1131||Chromium: CVE-2022-1131 Use after free in Cast UI|
|CVE-2022-1133||Chromium: CVE-2022-1133 Use after free in WebRTC|
|CVE-2022-1134||Chromium: CVE-2022-1134 Type Confusion in V8|
|CVE-2022-1135||Chromium: CVE-2022-1135 Use after free in Shopping Cart|
|CVE-2022-1136||Chromium: CVE-2022-1136 Use after free in Tab Strip|
|CVE-2022-1137||Chromium: CVE-2022-1137 Inappropriate implementation in Extensions|
|CVE-2022-1138||Chromium: CVE-2022-1138 Inappropriate implementation in Web Cursor|
|CVE-2022-1139||Chromium: CVE-2022-1139 Inappropriate implementation in Background Fetch API|
|CVE-2022-1143||Chromium: CVE-2022-1143 Heap buffer overflow in WebUI|
|CVE-2022-1145||Chromium: CVE-2022-1145 Use after free in Extensions|
|CVE-2022-1146||Chromium: CVE-2022-1146 Inappropriate implementation in Resource Timing|
|CVE-2022-1232||Chromium: CVE-2022-1232 Type Confusion in V8|
|CVE-2022-24475||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-24523||Microsoft Edge (Chromium-based) Spoofing Vulnerability|
|CVE-2022-26891||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-26894||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-26895||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-26900||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-26908||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-26909||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
|CVE-2022-26912||Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability|
We will also provide download links for each individual cumulative update and present the changes, improvements, fixes, and known issues that come as a package.
What is your opinion on this month’s rollout so far? Share your opinion with us in the comments section below.