On Tuesday, January 11, 2022, Microsoft released patches to address 90+ vulnerabilities, including six zero-day exploits. Of the vulnerabilities identified, nine are classified as Critical, and the remaining vulnerabilities are classified as Important.
Of the nearly 100 vulnerabilities identified, the following categories were identified according to impact:
The following are zero-day vulnerabilities addressed by this patch release:
*The six zero-day vulnerabilities listed above are not known to have been exploited.
Review your existing patching cadence based on your interpretation of risk for your organization and systems. Consider adjusting patch windows for internet-facing, sensitive, or high-risk systems, depending on your organization’s existing security posture and risk need.
If you’re an existing Coretek customer, and your organization requires out-of-band patching windows, please out to your Coretek Delivery Manager for more information.
Ensure that all affected Microsoft systems are patched after your normally scheduled patching maintenance. If you are unsure if all systems are properly patched, consider using a vulnerability scanner to verify that patches have been properly applied.
If you are a Coretek customer and have any questions about our remediation actions or your support agreements with Coretek, or you are a visitor who would like more information, please use the button below to get in touch.