December Patch Tuesday resolves Windows zero-day

Administrators got an early holiday present with a fairly light patching workload on December Patch Tuesday, but they will have one Windows zero-day to wrap up as soon as possible.

Microsoft corrected 36 vulnerabilities on December Patch Tuesday in Microsoft Windows, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, SQL Server, Visual Studio and Skype for Business.

The Win32k elevation of privilege vulnerability (CVE-2019-1458) is rated as important and is being actively exploited in the wild. This Windows zero-day, discovered by Kaspersky Lab researchers, affects most supported versions of Microsoft’s operating system on both the client and server side. The attacker needs authentication to access the system to run malicious code in kernel mode to take…


Source link

About coldfusion

Check Also

Department of Energy To Revisit Cold Fusion – Space Daily

Department of Energy To Revisit Cold Fusion – Space Daily

[unable to retrieve full-text content]Department of Energy To Revisit Cold Fusion  Space Daily Source link

Leave a Reply

Your email address will not be published. Required fields are marked *