Security News > 2019 > December > December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day
2019-12-10 19:53
For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year. Microsoft’s fixes Microsoft’s security releases are for Windows, Internet Explorer, SQL Server, Visual Studio, Hyper-V Server, Office and Office Services and Web App. All in all, the company fixed just 36 CVE-numbered flaws. Of these, seven are critical, 28 important and one of moderate severity. Only one (CVE-2019-1458) is being actively exploited by attackers. Since it’s been … More → The post December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/CBLecBJw6IY/
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Microsoft cleans up hot mess of Patch Tuesday preview (source)
- Microsoft slips Task Manager and processor count fixes into Patch Tuesday (source)
- October 2024 Patch Tuesday forecast: Recall can be recalled (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-1458 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | 7.8 |