Interested in what is being patched by each monthly update? Here are the links that break this down, down to the CVE & whether the vulnerability has been exploited in the wild.
- Deployments – Security Update Guide
(This is the list of update packages released for each product & version – including if the package is an Extended Security Update, and where to download the update from the Microsoft Update Catalog) - Vulnerabilities – Security Update Guide
(This is a view of all vulnerabilities patched across a given time period & what severity they were) - Release Notes – Security Update Guide
(This is where you look up all the vulnerability fixes patched for each monthly security update release)
For example, for Windows Server 2012, here are the most recent Extended Security Update rollups that ESU subscribers have received for their end-of-life Windows Server 2012 instances:
- November 14, 2023—KB5032249 (Monthly Rollup)
https://support.microsoft.com/en-us/topic/kb5008380-authentication-updates-cve-2021-42287-9dafac11-e0d0-4cb8-959a-143bd0201041#Take%20action
Vulnerabilities: https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov
63 vulnerabilities, 1 known vulnerability exploit, 15 vulnerability more likely to be exploited
(8.8 Windows Scripting, 7.1 Windows Storage, 7.8 Windows Common Log File System Driver) - December 12, 2023—KB5033420 (Monthly Rollup)
https://support.microsoft.com/en-us/topic/december-12-2023-kb5033420-monthly-rollup-fcb2ed87-527d-4313-ae01-0c43af80c545
Vulnerabilities: https://msrc.microsoft.com/update-guide/releaseNote/2023-Dec
37 vulnerabilities, 16 more likely to be exploited
(7.8 Windows Win32K, 7.8 Windows Kernel, 7.8 Windows Kernel-Mode Drivers, 7.5 Windows Defender, 7.8 Windows Win32K, 7.8 Windows Local Security Authority Subsystem Service (LSASS), 7.8 Windows Cloud Files Mini Filter Driver) - January 9, 2024—KB5034171 (Monthly Rollup)
https://support.microsoft.com/en-us/topic/january-9-2024-kb5034171-monthly-rollup-377e3b9c-c5e0-420b-bc00-179b90c82ea4
Vulnerabilities: https://msrc.microsoft.com/update-guide/releaseNote/2024-Jan
56 vulnerabilities, 14 more likely to be exploited
(7.5 Windows Scripting, 7.8 Windows Common Log File System Driver, 8.8 Windows Authentication Methods, 7.8 Windows Win32K, 7.8 Windows Win32K Kernel Subsystem, 7.8 Windows Win32K, 7.8 Windows Cloud Files Mini Filter Driver) - February 13, 2024—KB5034819 (Monthly Rollup)
https://support.microsoft.com/en-us/topic/february-13-2024-kb5034819-monthly-rollup-67ea3009-44fe-4781-8235-ef8ca210f5b5
Vulnerabilities: https://msrc.microsoft.com/update-guide/releaseNote/2024-Feb
73 vulnerabilities, 2 known exploits, 13 more likely to be exploited
(7.8 Windows Kernel, 7.8 Windows Kernel, 7.8 Windows Win32K – ICOMP, 7.0 Windows Kernel)
kurtsh
Kurt Shintaku's Blog 