Microsoft Releases March 2022 Security Updates

Mar 11, 2022 GMT+08:00

I. Overview

Microsoft has released its March 2022 Security Updates. A total of 71 security vulnerabilities have been disclosed, among which 3 are marked as important vulnerabilities. Attackers can exploit these vulnerabilities to perform remote code execution, escalate privileges, and leak sensitive information. The affected applications include Microsoft Windows, Microsoft Office, Microsoft Exchange Server, and Microsoft Visual Studio Code.

For details, visit Microsoft official website:

https://msrc.microsoft.com/update-guide/releaseNote/2022-Mar

Users need to pay attention to the following vulnerabilities whose details have been disclosed:

.NET and Visual Studio remote code execution vulnerability (CVE-2022-24512)

Windows fax and scan services escalation of privilege vulnerability (CVE-2022-24459)

Remote Desktop Client remote code execution vulnerability (CVE-2022-21990)

Please perform security self-check and security hardening in a timely manner to reduce attack risks.

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Microsoft Windows, Microsoft Office, Microsoft Exchange Server, Microsoft Visual Studio Code

IV. Vulnerability Details

(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)

V. Security Recommendations

1. Use Windows Update or download patches from the following address to fix the vulnerabilities:

https://msrc.microsoft.com/update-guide

2. Back up data remotely to protect your data.

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.