Microsoft documented 34 different bugs that were worrisome enough to get CVE numbers, while Adobe listed three (the Adobe products with bugs of CVE-level seriousness are RoboHelp Server, InCopy and Creative Cloud, in case you were wondering).
You can read up on the details of this month’s Microsoft’s patches on our sister site Sophos News…
…where you will find our observation that:
The [updates include] a critical patch to the Windows Servicing Stack, which is how Windows delivers and installs updates, especially to machines that are running versions of Windows no longer receiving regular support. That’s especially important this month, because several of the updates have been released for systems as out-of-date as Windows 7, which as of today is 665 days past its official end of life on January 14, 2020.
In case you’re wondering, this isn’t one of those “this security hole is so terrible that we are even providing free patches for long-gone products like XP and friends” announcements that happen from time to time.
You need to be part of the Windows 7 Extended Support Updates (ESU) programme to get this particular update – and, yes, enrolling for extended support costs extended money.