From thehackernews.com
Microsoft on Tuesday rolled out its monthly security updates with fixes for 51 vulnerabilities across its software line-up consisting of Windows, Office, Teams, Azure Data Explorer, Visual Studio Code, and other components such as Kernel and Win32k.
Among the 51 defects closed, 50 are rated Important and one is rated Moderate in severity, making it one of the rare Patch Tuesday updates without any fixes for Critical-rated vulnerabilities. This is also in addition to 19 more flaws the company addressed in its Chromium-based Edge browser.
None of the security vulnerabilities are listed as under active exploit, while of the flaws — CVE-2022-21989 (CVSS score: 7.8) — has been classified as a publicly disclosed zero-day at the time of the release. The issue concerns a privilege escalation bug in Windows Kernel, with Microsoft warning of potential attacks exploiting the shortcoming.