In Microsoft’s December issue of Patch Tuesday, the tech giant released 67 security fixes for software problems.
These problems include issues in software include Remote Code Execution (RCE) vulnerabilities, privilege escalation security flaws, spoofing bugs, and denial-of-service issues.
For the most serious vulnerabilities, 6 of them have been fixed in the security update, including a flaw said to be exploited in the wild.
The bugs include CVE-2021-43890, a Windows AppX Installer Spoofing zero-day vulnerability with a severity of 7.1, CVE-2021-41333, a Windows Print Spooler Elevation of Privilege vulnerability with a CVSS score of 7.8, CVE-2021-43380, and a Windows Mobile Device Management Elevation of Privilege (EoP) vulnerability.
Others are CVE-2021-43893 with a CVSS score of 7.5, CVE-2021-43240 an NTFS Set Short Name elevation of privilege bug with a severity score of 7.8, CVE-2021-43883, a zero-day flaw impacting Windows Installer. The flaw has a severity of 7.8.
Apart from the above vulnerabilities, another 16 CVEs have been patched in the Chromium-based Edge browser.
For more information, read the original story in ZDNet.