Number: AV22-015
Date: 12 January 2022
On 11 January 2022 Microsoft published Security Updates to address vulnerabilities in multiple products. Included were critical updates for the following:
- Microsoft 365 Apps for Enterprise
- HEVC Video Extensions
- Microsoft Exchange Server 2013 CU23, 2016 CU21 and CU22, 2019 CU10 and CU11
- Microsoft Office – multiple applications and versions
- Microsoft SharePoint
- Windows 7, 8.1, RT 8.1, 10 and 11
- Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019 and 2022
- Windows Server Core 2008, 2012, 2012 R2, 2016, 2019, 2022 and 20H2
Exploitation of some of these vulnerabilities could allow an actor to execute code remotely.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.