Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday
Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw
Patch Tuesday tracks Microsoft's regular security updates, helping readers understand vulnerabilities, fixes, and risks affecting software users.
Search across headline titles and summaries.
Background for this topic.
Patch Tuesday is the second Tuesday of each month, when Microsoft publishes a scheduled set of security and quality updates for supported products. The term is also used broadly for the recurring monthly patch cycle that organizations use to review, test, and deploy vendor fixes. Releases may address vulnerabilities in operating systems, applications, browsers, and infrastructure components, with severity and affected versions varying by update.
For security teams, the release is a trigger for vulnerability-management work: identify exposed and supported assets, assess whether a flaw is being exploited or affects a critical system, and prioritize deployment accordingly. Testing and staged rollout can reduce compatibility and availability problems, while leaving internet-facing or unpatched systems exposed can increase the chance of compromise. Teams should also account for patches that require reboots, configuration changes, or dependent updates, and track exceptions with compensating controls. Critical fixes may warrant accelerated or emergency deployment rather than waiting for the normal maintenance window.
Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years
Microsoft fixed 36 flaws. Adobe addressed 212. Apple, Google, Cisco, VMware and Atlassian joined the party It's the last Patch Tuesday of 2023, which calls for celebration – just as soon as you update Windows, Adobe, Google, Cisco, FortiGuard, SAP, VMware, Atlassian and Apple products, of course.…
The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known "zero-day" threats targeting any of the vulnerabilities in December's patch batch. Still, four of the updates pushed out today address "critical" vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users.
Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. [...]