Microsoft released patches for more than 100 security holes on Windows

In Patch Tuesday April 2022, a total of 128 security vulnerabilities were addressed in Windows, Defender tools, Office and many other products.

Of all the bugs, 10 were rated as "critical", while the majority were "critical". Three bugs are rated "moderate", one 'publicly known' and one 'under exploitation'.

In it, there are two zero-day vulnerabilities that have been patched, including CVE-2022-26904 and CVE-2022-24521. Both were rated as severe as 7.0 and 7.8, respectively.

Other notable bugs fixed include remote code execution vulnerabilities in the RPC Runtime Library, Windows Network File System, Windows Server Service, Windows SMB, and Microsoft Dynamics 365. The company also resolved 18 bugs in Windows DNS Server, including 17 remote execution errors. 15 vulnerabilities that allow increased privilege in Windows Print Spooler are also patched.

Microsoft has announced that it will stop releasing Patch Tuesday over the next few months, replacing it with a new Windows Autopatch service that the company says will automatically update all business computers and Office software. Customers with Windows 10/11 Enterprise E3 or later licenses will be eligible for the new service, which will launch for free in July.

"This service will keep Windows and Office software on terminals updated automatically at no additional cost. The second Tuesday of every month will be just 'another normal Tuesday' ", said Lior Bela, Director of Product Marketing at Microsoft.

Isabella Humphrey

Update 19 April 2022