Top
image credit: Pixabay

Microsoft Fixes Windows Zero-Day on Lightest Patch Tuesday of 2019

December 11, 2019

Via: Dark Reading
Category:

This month’s batch of security updates addresses 36 CVEs, seven of which are rated Critical and one of which has been exploited in the wild.

The last Patch Tuesday of 2019 is also Microsoft’s lightest of the year, with fixes for 36 vulnerabilities including one Windows zero-day flaw that has been exploited in the wild.

The elevation of privilege bug under active attack (CVE-2019-1458) exists when the Win32k component fails to properly handle objects in memory. An attacker could exploit this by first logging onto the system and running a specially crafted application to take control of a system.

Read More on Dark Reading

RELATED PUBLICATIONS

Microsoft fixed two zero-day bugs exploited in malware attacks
Detecting Windows-based Malware Through Better Visibility
Microsoft confirms memory leak in March Windows Server security update

Latest Publications

U.S. and Australian police arrested Firebird RAT author and operator
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
TA547 targets German organizations with Rhadamanthys malware
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!