SBN

December 2018 Patch Tuesday – 39 Vulns, Workstation Patches, Adobe Vulns

Microsoft and Adobe Logos

Microsoft and Adobe Logos

DevOps Connect:DevSecOps @ RSAC 2022

On the basis of volume and severity this Patch Tuesday is light in weight.

Workstation Patches

Browser and Scripting Engine patches should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users. Out of the 9 vulnerabilities, 6 can be exploited through browsers.

Active Attacks on Win32k Privilege Escalation

Microsoft has reported that there are active attacks detected against CVE-2018-8611. Microsoft has ranked this patch as Important. So, this should be prioritized.

Adobe Patches and Mitigations

Adobe released nine patches for Acrobat/Reader, with 6 rated as criticals and 3 as important.

*** This is a Security Bloggers Network syndicated blog from The Laws of Vulnerabilities – Qualys Blog authored by Animesh Jain. Read the original post at: https://blog.qualys.com/laws-of-vulnerabilities/2018/12/11/december-2018-patch-tuesday-39-vulns-workstation-patches-adobe-vulns