[German]On March 8, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. Below is a compact overview of these updates that were released on Patchday.
A list of the updates can be found on this Microsoft page. Details about the update packages for Windows, Office, etc. are available in separate blog posts.
Notes on the updates
Windows 10 version 20H2 to 21H2 use a common core and have an identical set of system files. Therefore, the same security update will be delivered for these Windows 10 versions. Information on how to enable the features of Windows 10, which is done through an Enablement Package update, can be found in this Techcommunity post.
All Windows 10 updates are cumulative. The monthly Patchday update includes all security fixes for Windows 10 and all non-security fixes up to Patchday. In addition to vulnerability security patches, the updates include security enhancement measures. Microsoft is integrating the Servicing Stack Updates (SSUs) into the Latest Cumulative Updates (LCUs) for newer versions of Windows 10. A list of the latest SSUs can be found at ADV990001 (although the list is not always up-to-date).
Windows 7 SP1 is no longer supported as of January 2020. Only customers with a 2nd year ESU license (or workarounds) will still receive updates for the last time in January 2022. For upcoming patches an ESU license for the 3rd year is required. The current ESU bypass allows the update to be installed. Updates can also be downloaded from the Microsoft Update Catalog. The updates for Windows RT 8.1 and Microsoft Office RT are only available via Windows Update.
Fixed vulnerabilities
The March 2022 security updates fix 71 vulnerabilities, three of which are 0-day, in Microsoft products. A list of all covered CVEs can be found on this Microsoft page as well as on this Microsoft page. The colleagues at Bleeping Computer have published an overview of the fixed vulnerabilities here. Tenable also has this blog post with an overview – the following critical updates are included in March 2022.
- CVE-2022-23277: Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2022-23285 und CVE-2022-21990: Remote Desktop Client Remote Code Execution Vulnerability
- CVE-2022-24508: Windows SMBv3 Client/Server Remote Code Execution Vulnerability
- CVE-2022-24459: Windows Fax and Scan Service Elevation of Privilege Vulnerability
- CVE-2022-24512: .NET and Visual Studio Remote Code Execution Vulnerability
Below is the list of critical and important security updates – details of which will be reported in separate blog posts.
Critical Security Updates
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft Exchange Server 2019 Cumulative Update 11
HEVC Video Extension
HEVC Video Extensions
VP9 Video Extensions
Important Security Updates
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Azure Edition Core Hotpatch
Windows Server, version 20H2 (Server Core Installation)
Remote Desktop client for Windows Desktop
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
.NET 5.0
.NET 6.0
.NET Core 3.1
Microsoft Visual Studio 2019 version 16.11 (includes 16.0 – 16.10)
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 – 16.8)
Microsoft Visual Studio 2022 version 17.0
Visual Studio Code
Microsoft Defender for Endpoint for Linux
Microsoft Defender for Endpoint for Mac
Microsoft Defender for Endpoint for Windows
Microsoft Defender for IoT
Intune Company Portal for iOS
Azure Site Recovery VMWare to Azure
HEIF Image Extension
Raw Image Extension
Skype Extension for Chrome
Paint 3D
Similar articles
Microsoft Office Updates (March 1, 2022)
Microsoft Security Update Summary (March 8, 2022)
Patchday: Windows 10-Updates (March 8, 2022)
Patchday: Windows 11/Server 2022-Updates (March 8, 2022)
Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (March 8, 2022)
Patchday: Microsoft Office Updates (March 8, 2022)