The large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score.
https://threatpost.com/microsoft-wormable-critical-rce-bug-zero-day/177564/
Security vulnerabilities in the ERP platform could allow attackers to tamper with or sabotage victims’ business-critical processes and to intercept data.
https://threatpost.com/critical-sage-x3-rce-bug-allows-full-system-takeovers/167612/