Microsoft Release 67 Fixes For December Patch Tuesday

Share post:

In Microsoft’s December issue of Patch Tuesday, the tech giant released 67 security fixes for software problems.

These problems include issues in software include Remote Code Execution (RCE) vulnerabilities, privilege escalation security flaws, spoofing bugs, and denial-of-service issues.

For the most serious vulnerabilities, 6 of them have been fixed in the security update, including a flaw said to be exploited in the wild.

The bugs include CVE-2021-43890, a Windows AppX Installer Spoofing zero-day vulnerability with a severity of 7.1, CVE-2021-41333, a Windows Print Spooler Elevation of Privilege vulnerability with a CVSS score of 7.8, CVE-2021-43380, and a Windows Mobile Device Management Elevation of Privilege (EoP) vulnerability.

Others are CVE-2021-43893 with a CVSS score of 7.5, CVE-2021-43240 an NTFS Set Short Name elevation of privilege bug with a severity score of 7.8, CVE-2021-43883, a zero-day flaw impacting Windows Installer. The flaw has a severity of 7.8.

Apart from the above vulnerabilities, another 16 CVEs have been patched in the Chromium-based Edge browser.

For more information, read the original story in ZDNet.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

All Okta customer support users had their email addresses copied

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000

Failure of technology to detect attacks is a prime cause of breaches: Survey

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests. Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their

Canadian group gets $2.2 million to research AI threat detection for wireless networks

Ericsson Canada and three universities have been awarded funds by the National Cybersecurity

Cyber Security Today, Nov. 29, 2023 – More ransomware attacks on the healthcare sector

This episode reports on a company hit twice by a ransomware gang, the arrest in Ukraine of the alleged head of a ransomware gang

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways