Microsoft on Dec.11th, its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity.
One of the security vulnerabilities patched by the tech giant this month is listed as publicly known at the time of release, and one is a zero-day reported as being actively exploited in the wild by multiple hacking groups.
The flaw affects almost all versions of Windows operating system—Windows 7 through Server 2019. This is the third zero-day vulnerability Microsoft has back-to-back patched in three consecutive months through its regular monthly patch update to address a Win32K elevation of privilege bug.
https://thehackernews.com/2018/12/microsoft-patch-updates.html