January’s Patch Tuesday contains several security updates, including fixes for five remote code execution (RCE) vulnerabilities in Microsoft’s various Office products. Microsoft has rated the severity of these vulnerabilities as Important since they enable an attacker to execute code as the currently logged in user. Affected versions of the desktop Office suite include Office 2010, 2013 and 2016. SharePoint Sever also had its share of vulnerabilities with Microsoft patching six CVEs ranging from spoofing to more RCE.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in