Security News > 2019 > December > December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day

For December 2019 Patch Tuesday, Microsoft and Adobe have released the final scheduled security updates for this year. Microsoft’s fixes Microsoft’s security releases are for Windows, Internet Explorer, SQL Server, Visual Studio, Hyper-V Server, Office and Office Services and Web App. All in all, the company fixed just 36 CVE-numbered flaws. Of these, seven are critical, 28 important and one of moderate severity. Only one (CVE-2019-1458) is being actively exploited by attackers. Since it’s been … More → The post December 2019 Patch Tuesday: Microsoft fixes one actively exploited zero-day appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/CBLecBJw6IY/
Related news
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-12-10 | CVE-2019-1458 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. | 7.8 |