Microsoft's latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days.
12 of the issues are rated Critical, two are rated High, and 55 are rated Important in severity. This also includes the weaknesses that were closed out by OpenSSL the previous week.
Also separately addressed in Microsoft Edge at the start of the month is an actively exploited flaw in Chromium-based browsers (CVE-2022-3723) that was plugged by Google as part of an out-of-band update late last month.
"The big news is that two older zero-day CVEs affecting Exchange Server, made public at the end of September, have finally been fixed,"