Microsoft Patches Just 36 Flaws in December

Dec 11, 2019 02:00 pm Cyber Security 320

Microsoft Patches Just 36 Flaws in December

Microsoft has taken pity on system administrators by ending the year with a relatively light patch load fixing just 36 vulnerabilities.





The update round includes seven critical flaws and one being actively exploited in the wild: CVE-2019-1458, a privilege escalation vulnerability in the Win32k component.





Although it’s only listed as “important,” security experts urge admins to prioritize a fix for that bug. Recorded Future intelligence analyst, Allan Liska explained that an exploit for a similar vulnerability, CVE-2019-0859, was found being sold on underground markets earlier this year.





Elsewhere, five of the seven critical vulnerabilities patched (CVE-2019-1354CVE-2019-1350CVE-2019-1352CVE-2019-1387, and CVE-2019-1349) are in Git for Visual Studio.





In this attack scenario an attacker would need to convince a developer to clone a malicious repository. This may be tricky, but the rewards are potentially big, according to Ivanti director of security solutions, Chris Goettl.





“This is a sp ..

Support the originator by clicking the read the rest link below.

microsoft patches flaws december
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!