Microsoft Finishes 2023 with 34 Security Fixes
Microsoft's final security update of the year has arrived, packed with 34 vulnerability fixes for a range of issues from remote code execution (RCE) bugs to information disclosure and denial of service vulnerabilities.
The standout of this smaller-than-usual month is the only zero-day vulnerability, which just so happens to also be a patch for a third-party issue. CVE-2023-20588, identified as a security issue in AMD processors, fixes a division-by-zero bug that could potentially expose sensitive data. While AMD had previously not provided a direct fix, instead recommending mitigation strategies, Microsoft's update resolved this bug in the impacted AMD processors. This vulnerability had been publicly disclosed back in August but remained unpatched until this update. The good news is that no active exploits seen using the flaw have been spotted.
As for fixes in Microsoft products, this month features four additional bulletins that are rated "critical," which should be IT's top priorities when patching.
A spoofing security vulnerability (CVE-2023-36019) was identified in the Microsoft Power Platform Connector. This vulnerability poses a threat, as it could en ..
Support the originator by clicking the read the rest link below.
