December 12, 2023 at 02:02PM
Today’s December 2023 Patch Tuesday from Microsoft addresses 34 flaws, including an unpatched vulnerability in AMD CPUs. Notably, it resolves a public zero-day AMD bug and includes a total of 8 fixes for Microsoft Edge flaws. Additionally, updates from other vendors in December are detailed, along with a list of resolved vulnerabilities.
Based on the meeting notes, here are the key takeaways:
– Today is Microsoft’s December 2023 Patch Tuesday.
– It includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs.
– Eight remote code execution (RCE) bugs were fixed, with Microsoft rating three as critical.
– There were four critical vulnerabilities, including one in Power Platform (Spoofing), two in Internet Connection Sharing (RCE), and one in Windows MSHTML Platform (RCE).
– The total count of 34 flaws does not include 8 Microsoft Edge flaws fixed on December 7th.
– This month’s Patch Tuesday fixes one AMD zero-day vulnerability which remained unpatched.
– Microsoft has also released a security update that resolves the ‘CVE-2023-20588 – AMD: CVE-2023-20588 AMD Speculative Leaks’ vulnerability in impacted AMD processors.
– Other vendors who released updates or advisories in December 2023 include Azure, Chipsets, Microsoft Dynamics, and Microsoft Edge, among others.
For further details on each resolved vulnerability and the systems it affects, you can refer to the full report provided in the meeting notes.