BEST OF THE WEB

Microsoft Release 67 Fixes For December Patch Tuesday

In Microsoft’s December issue of Patch Tuesday, the tech giant released 67 security fixes for software problems.

These problems include issues in software include Remote Code Execution (RCE) vulnerabilities, privilege escalation security flaws, spoofing bugs, and denial-of-service issues.

For the most serious vulnerabilities, 6 of them have been fixed in the security update, including a flaw said to be exploited in the wild.

The bugs include CVE-2021-43890, a Windows AppX Installer Spoofing zero-day vulnerability with a severity of 7.1, CVE-2021-41333, a Windows Print Spooler Elevation of Privilege vulnerability with a CVSS score of 7.8, CVE-2021-43380, and a Windows Mobile Device Management Elevation of Privilege (EoP) vulnerability.

Others are CVE-2021-43893 with a CVSS score of 7.5, CVE-2021-43240 an NTFS Set Short Name elevation of privilege bug with a severity score of 7.8, CVE-2021-43883, a zero-day flaw impacting Windows Installer. The flaw has a severity of 7.8.

Apart from the above vulnerabilities, another 16 CVEs have been patched in the Chromium-based Edge browser.

IT World Canada Staff
IT World Canada Staffhttp://www.itworldcanada.com/
The online resource for Canadian Information Technology professionals.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web