Microsoft released security updates for December to patch 34 security issues in different software category and some of the patch released under very critical list.
This Released fix categorized to different Microsoft products and most of the fixed bugs are belongs to servers and Windows 8 and 10 system based vulnerabilites.
Many of office vulnerabilities are catogoried as a defense-in-depth measure and the update disables the Dynamic Update Exchange protocol (DDE) in all supported editions of Microsoft Word.
Microsoft Edge and Internet Explorer 11 having many bug fixes along with this security updates.
Also Read: New BlackArch Penetration Testing Linux ISOs Released with More Hacking Tools
All the windows 10 bugs are fixed by security realsed and In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
Microsoft released security updates for following catogories
– Internet Explorer
– Microsoft Edge
– Microsoft Windows
– Microsoft Office and Microsoft Office Services and Web Apps
– Microsoft Exchange Server
– ChakraCore
– Microsoft Malware Protection Engine
Higly critical information disclouser vulneabities are exists when the Windows its:// protocol handler unnecessarily sends traffic to a remote site in order to determine the zone of a provided URL.
According to Microsoft,This could potentially result in the disclosure of sensitive information to a malicious site.
To exploit the vulnerability an attacker would have to trick a user into browsing to a malicious website or to an SMB or UNC path destination. An attacker who successfully tricked a user into disclosing the user’s NTLM hash could attempt a brute-force attack to disclose the corresponding hash password.
Windows 10 for 32-bit Systems | 4053581 | Security Update | Information Disclosure | Important | 4048956 | |
Windows 10 for x64-based Systems | 4053581 | Security Update | Information Disclosure | Important | 4048956 | |
Windows 10 Version 1511 for 32-bit Systems | 4053578 | Security Update | Information Disclosure | Important | 4048952 | |
Windows 10 Version 1511 for x64-based Systems | 4053578 | Security Update | Information Disclosure | Important | 4048952 | |
Windows 10 Version 1607 for 32-bit Systems | 4054517 | Security Update | Information Disclosure | Important | 4048955 | |
Windows 10 Version 1607 for x64-based Systems | 4053579 | Security Update | Information Disclosure | Important | 4048953 | |
Windows 10 Version 1703 for 32-bit Systems | 4053580 | Security Update | Information Disclosure | Important | 4048954 | |
Windows 10 Version 1703 for x64-based Systems | 4053580 | Security Update | Information Disclosure | Important | 4048954 | |
Windows 10 Version 1709 for 32-bit Systems | 4054517 | Security Update | Information Disclosure | Important | 4048955 | |
Windows 10 Version 1709 for x64-based Systems | 4054517 | Security Update | Information Disclosure | Important | 4048955 | |
Windows 7 for 32-bit Systems Service Pack 1 | 4054518 | Monthly Rollup | Information Disclosure | Important | 4048957 | |
4054521 | Security Only | |||||
Windows 7 for x64-based Systems Service Pack 1 | 4054518 | Monthly Rollup | Information Disclosure | Important | 4048957 | |
4054521 | Security Only | |||||
Windows 8.1 for 32-bit systems | 4054519 | Monthly Rollup | Information Disclosure | Important | 4048958 | |
4054522 | Security Only | |||||
Windows 8.1 for x64-based systems | 4054519 | Monthly Rollup | Information Disclosure | Important | 4048958 | |
4054522 | Security Only | |||||
Windows RT 8.1 | 4054519 | Monthly Rollup | Information Disclosure | Important | 4048958 | |
Windows Server 2008 for 32-bit Systems Service Pack 2 | 4053473 | Security Update | Information Disclosure | Important | ||
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 4053473 | Security Update | Information Disclosure | Important | ||
Windows Server 2008 for Itanium-Based Systems Service Pack 2 | 4053473 | Security Update | Information Disclosure | Important | ||
Windows Server 2008 for x64-based Systems Service Pack 2 | 4053473 | Security Update | Information Disclosure | Important | ||
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 4053473 | Security Update | Information Disclosure | Important | ||
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 | 4054518 | Monthly Rollup | Information Disclosure | Important | 4048957 | |
4054521 | Security Only | |||||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 4054518 | Monthly Rollup | Information Disclosure | Important | 4048957 | |
4054521 | Security Only | |||||
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 4054518 | Monthly Rollup | Information Disclosure | Important | 4048957 | |
4054521 | Security Only | |||||
Windows Server 2012 | 4054520 | Monthly Rollup | Information Disclosure | Important | 4048959 | |
4054523 | Security Only | |||||
Windows Server 2012 (Server Core installation) | 4054520 | Monthly Rollup | Information Disclosure | Important | 4048959 | |
4054523 | Security Only | |||||
Windows Server 2012 R2 | 4054519 | Monthly Rollup | Information Disclosure | Important | 4048958 | |
4054522 | Security Only | |||||
Windows Server 2012 R2 (Server Core installation) | 4054519 | Monthly Rollup | Information Disclosure | Important | 4048958 | |
4054522 | Security Only | |||||
Windows Server 2016 | 4053579 | Security Update | Information Disclosure | Important | 4048953 | |
Windows Server 2016 (Server Core installation) | 4053579 | Security Update | Information Disclosure | Important | 4048953 | |
Windows Server, version 1709 (Server Core Installation) | 4054517 | Security Update | Information Disclosure | Important | 4048955 |