This week Microsoft released the first Patch of the year with updates addressing nearly 100 security vulnerabilities, including six zero-day vulnerabilities. In detail, the vulnerabilities are classified as follows:

  • 41 are EoP (Elevation of Privilege);
  • 9 are of bypass of security functions;
  • 29 are of the RCE (Remote Code Execution) type;
  • 6 are ID (Information Disclosure);
  • 9 of Denial of Service type;
  • 3 of spoofing type.

The updates in the mentioned update affect a wide range of Microsoft products, including:

Windows and several operating system components;
Microsoft Edge (based on Chromium):

  • Exchange Server;
  • Microsoft Office;
  • SharePoint Server;
  • .NET Framework;
  • Microsoft Dynamics;
  • Open-Source Software;
  • Windows Hyper-V;
  • Windows Defender;
  • Windows Remote Desktop Protocol (RDP).