Microsoft addresses actively exploited zero-day and numerous critical flaws
Microsoft addresses actively exploited zero-day and numerous critical flaws
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
Patch Tuesday for December tackles two zero-day vulnerabilities, one of which is being actively exploited (CVE-2022-44698) and another that was publicly disclosed at the time of release (CVE-2022-44710), along with the additional critical flaws that could result in Remote Code Execution, Elevation of Privilege (EoP), Security Feature Bypass, and Spoofing.