Microsoft Monthly Security Update (Dec 2019)

Last Update Date: 11 Dec 2019 11:26 Release Date: 11 Dec 2019 5159 Views

RISK: High Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

Microsoft has released monthly security update for their products:

Vulnerable Product	Risk Level	Impacts	Notes
Browser	Medium Risk	Remote Code Execution
Developer Tools	Medium Risk	Remote Code Execution Spoofing Tampering
SQL Server	Low Risk	Spoofing
Microsoft Office	Medium Risk	Remote Code Execution Information Disclosure Spoofing Denial of Service
Windows	High Risk	Remote Code Execution Information Disclosure Security Restriction Bypass Denial of Service Elevation of Privilege	Exploited in the wild (Local Exploit): CVE-2019-1458
Skype for Business	Low Risk	Spoofing

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 3

Number of 'Low Risk' product(s): 2

Evaluation of overall 'Risk Level': High Risk

Impact

Denial of Service
Elevation of Privilege
Remote Code Execution
Security Restriction Bypass
Information Disclosure
Spoofing
Data Manipulation

System / Technologies affected

Browser
Developer Tools
SQL Server
Microsoft Office
Windows
Skype for Business

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor.

Vulnerability Identifier

https://www.cvedetails.com/vulnerability-list.php?vendor_id=26&year=2019&month=12

Source

Microsoft

Related Link

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec

Share with

Google Chrome Multiple Vulnerabilities

11 Dec 2019 5077 Views

IBM WebSphere Application Multiple Vulnerabilities

16 Dec 2019 5181 Views