Microsoft has released patches in this month’s patch Tuesday for 97 different vulnerabilities. Nine of these vulnerabilities are rated as critical. None of the vulnerabilities were known to be exploited currently, but six of them were previously publicly disclosed. These include CVE-2022-21839, a denial-of-service vulnerability in the Windows event tracing discretionary access control list, an elevation of privilege flaw in Windows user profile service (CVE-2022-21919), and a Windows certificates spoofing vulnerability (CVE-2022-21836). The remaining three publicly disclosed flaws are remote code execution bugs in Windows Security Center API (CVE-2022-21874), libarchive (CVE-2021-36976) and open-source curl (CVE-2021-22947).
Headline-grabbing attacks such as Solarwinds, Kaseya, Colonial Pipeline, JBS Foods and the Log4j vulnerability kept