Microsoft Releases December 2023 Security Updates
Scheduled updates for Microsoft products, including security updates for 36 vulnerabilities with four rated as critical
Summary
Scheduled updates for Microsoft products, including security updates for 36 vulnerabilities with four rated as critical
Affected platforms
The following platforms are known to be affected:
The following platforms are also known to be affected:
- Azure Connected Machine Agent
- Azure Machine Learning
- Microsoft Bluetooth Driver
- Microsoft Dynamics
- Microsoft Power Platform Connector
- Microsoft WDAC OLE DB provider for SQL
- Microsoft Windows DNS
- Windows Cloud Files Mini Filter Driver
- Windows DHCP Server
- Windows DPAPI (Data Protection Application Programming Interface)
- Windows Internet Connection Sharing (ICS)
- Windows Kernel
- Windows Kernel-Mode Drivers
- Windows Local Security Authority Subsystem Service (LSASS)
- Windows MSHTML Platform
- Windows ODBC Driver
- Windows Telephony Server
- Windows USB Mass Storage Class Driver
- Windows Win32K
- XAML Diagnostics
Threat details
Introduction
Microsoft has released security updates to address 36 vulnerabilities, including four rated as critical. The release notes also include 6 non-Microsoft vulnerabilities, one of which is a zero-day vulnerability. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Remediation advice
Affected organisations are encouraged to review Microsoft’s December 2023 Security Updates and apply the relevant updates.
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 13 December 2023 2:45 pm