"Microsoft revealed it has discovered an eye-watering 97 new security vulnerabilities in its operating systems. Six of these have been classified as ‘zero day’ which means they are out in the wild and were known to hackers before Microsoft could respond. All versions of Windows are affected, including Windows 7, Windows 8, Windows 10 and Windows 11 as well as Windows Server 2019 and 2022." - Gordon Kelly
The number of each type of vulnerability is listed below:
- 41 Elevation of Privilege Vulnerabilities
- 9 Security Feature Bypass Vulnerabilities
- 29 Remote Code Execution Vulnerabilities
- 6 Information Disclosure Vulnerabilities
- 9 Denial of Service Vulnerabilities
- 3 Spoofing Vulnerabilities
Microsoft has started distributing this mega patch for the zero-day vulnerabilities (none of which have had exploits discovered in the wild, yet).
If you want to manually trigger Windows to check for the updates, navigate to: Settings > Windows Update > Check For Updates.
There's a fly in the ointment here, though: Gordon Kelly updated on 1/14/22 to note that Bleeping Computer has reported update bugs.
"Red alert for users upgrading to this monster update. BleepingComputer reports that it is breaking L2TP VPN connections on both Windows 10 and Windows 11, as well as causing critical bugs on Windows Server 2019 and Windows Server 2022. Microsoft has already pulled the update for both Windows Server editions, where BleepingComputer explains that "critical bugs caused domain controllers to reboot, Hyper-V to not work, and ReFS volume systems to become unavailable." Hyper-V creates virtual machines while ReFS is Microsoft's new file system and is used on all modern versions of Windows. Microsoft has yet to pull the update for Windows 10 and Windows 11, but concerns will be growing. For Windows Server users, there is currently no timeframe for the January patch to be reissued. Considering the number of important fixes and protections, including no fewer than six zero-day exploits, there will be considerable pressure on Microsoft to get the mega-cumulative update back out. That said, there could still be more disruption to come for Windows 10 and Windows 11 users."
There are mitigations for the problems should they occur. See this link.
Thanks, Hank, for bringing this important warning to the community.