Microsoft Security Update Summary (January 11, 2022)

Posted on 2022-01-11 by guenni

Update[German]On January 11, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. Below is a compact overview of these updates that were released on Patchday.

Advertising

A list of the updates can be found on this Microsoft page. Details about the update packages for Windows, Office, etc. are available in separate blog posts.

Notes on the updates

Windows 10 version 2004 through 21H2 share a common core and have an identical set of system files. Therefore, the same security update will be delivered for these Windows 10 versions. Information on how to enable the features of Windows 10 version 1909 as well as 20H2, which is done through an Enablement Package update, can be found in this Techcommunity post.

All Windows 10 updates are cumulative. The monthly Patchday update includes all security fixes for Windows 10 and all non-security fixes through Patchday. In addition to vulnerability security patches, the updates include security enhancement measures. Microsoft is integrating the Servicing Stack Updates (SSUs) into the Latest Cumulative Updates (LCUs) for newer versions of Windows 10. A list of the latest SSUs can be found at ADV990001 (although the list is not always up-to-date).

Windows 7 SP1 is no longer supported as of January 2020. Only customers with a 2nd year ESU license (or workarounds) will still receive updates for the last time in January 2022. For upcoming patches an ESU license for the 3rd year is required. The current ESU bypass allows the update to be installed. Updates can also be downloaded from the Microsoft Update Catalog. Windows RT 8.1 and Microsoft Office RT updates are only available through Windows Update.

Windows Server 2016 will reach the end of mainstream support on January 11, 2022, after five years. No more bug fixes will come, only security updates will be distributed.

Advertising

A critical vulnerability CVE-2022-21840 has been closed in Microsoft Office, which allows remote code execution (RCE). For administrators of Windows Server 2012 R2, I already have a notice that a boot loop occurs (blog post to follow).

Fixed vulnerabilities

The January 2022 security updates fix 125 bugs and close vulnerabilities (97 CVEs, 4 are 0-days, 9 are critical, 88 are important) in Microsoft products. Two patches affect open source libraries. A list of all CVEs covered can be found on this Microsoft page. Tenable has listed all fixed vulnerabilities in this blog post.

Critical Security Updates

Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Office Online Server
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Server Subscription Edition
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
SharePoint Server Subscription Edition Language Pack
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2016 Cumulative Update 21
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2019 Cumulative Update 10
Microsoft Exchange Server 2019 Cumulative Update 11
HEVC Video Extensions
Remote Desktop client for Windows Desktop

Important Security Updates

Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 3.5 AND 4.7.2
Microsoft .NET Framework 3.5 AND 4.8
Microsoft .NET Framework 3.5.1
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.6
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
Microsoft .NET Framework 4.8
Dynamics 365 Sales
Microsoft Dynamics 365 Customer Engagement V9.0
Microsoft Dynamics 365 Customer Engagement V9.1

Similar articles:
Microsoft Office Updates (January 4, 2022)
Microsoft Security Update Summary (January 11, 2022)
Patchday: Windows 8.1/Server 2012 R2 Updates (January 11, 2022), boot loop reported
Patchday: Windows 10 Updates (January 11, 2022)
Patchday: Windows 11 Updates (January 11, 2022)
Patchday: Updates for Windows 7/Server 2008 R2 (January 11, 2022)

Windows Server: January 2022 security updates are causing DC boot loop
Windows VPN connections (L2TP over IPSEC) broken after January 2022 update
Windows Server 2012/R2: January 2022 Update KB5009586 bricks Hyper-V Host

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in Office, Security, Software, Update, Windows and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *