Microsoft Releases December 2018 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to obtain access to sensitive information.
This content has been archived
This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk
Summary
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to obtain access to sensitive information.
Affected platforms
The following platforms are known to be affected:
Threat details
Update
A new Proof of Concept exploit for Microsoft Edge has been published by a security researcher. The researcher has published the code to GitHub. The exploit leverages a Just in Time (JIT) out-of-bounds (OOB) memory handling error. This vulnerability was patched by these December 2018 security updates. Administrators are encouraged to review the below remediation advice from Microsoft.
RemediationUsers and administrators are encouraged to review Microsoft’s December 2018 Security Update Summary and Deployment Information and apply the necessary updates.
Remediation steps
| Type | Step |
|---|---|
|
Users and administrators are encouraged to review Microsoft’s December 2018 Security Update Summary and Deployment Information and apply the necessary updates. |
Last edited: 17 February 2020 12:59 pm