Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. The flaws impact multiple products including Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Office Services and Web Apps, Exchange Server, Azure DevOps, Microsoft Dynamics, Visual Studio, Azure SDK, and Azure Sphere. In 2020, the IT giant has released a total of 1,250 CVEs.
Nine flaws addressed Microsoft December 2020 Patch Tuesday are rated as Critical, 46 are rated as Important, and 3 are rated Moderate in severity.
Six vulnerabilities have been reported through the ZDI program, none of the flaws patched this month are listed as publicly known or under active attack at the time of release.
The most severe issued addressed by Microsoft this month are:
The full list of security updates released by Microsoft is available on the official Security Update Guide portal.
(SecurityAffairs – hacking, Microsoft Patch Tuesday)