Microsoft fixed 39 security issues on the December Patch Tuesday
Microsoft released the December Patch Tuesday, fixing 39 security issues ranging from simple spoofing attacks to remote code execution. The products involved in the .NET Framework, Adobe Flash Player, Internet Explorer, Microsoft Dynamics, Microsoft Exchange Server, Microsoft Graphics Component, Microsoft Office, Microsoft Office SharePoint, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows DNS, Visual Studio, Windows Authentication Methods, Windows Azure Pack, Windows Kernel, and Windows Kernel-Mode Drivers.
Vulnerability Overview
The relevant information is as follows
Product | CVE Number | CVE Title |
.NET Framework | CVE-2018-8517 | .NET Framework Denial Of Service Vulnerability |
.NET Framework | CVE-2018-8540 | .NET Framework Remote Code Injection Vulnerability |
Adobe Flash Player | ADV180031 | December 2018 Adobe Flash Security Update |
Internet Explorer | CVE-2018-8619 | Internet Explorer Remote Code Execution Vulnerability |
Internet Explorer | CVE-2018-8631 | Internet Explorer Memory Corruption Vulnerability |
Microsoft Dynamics | CVE-2018-8651 | Microsoft Dynamics NAV Cross-Site Scripting Vulnerability |
Microsoft Exchange Server | CVE-2018-8604 | Microsoft Exchange Server Tampering Vulnerability |
Microsoft Graphics Component | CVE-2018-8595 | Windows GDI Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8596 | Windows GDI Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8638 | DirectX Information Disclosure Vulnerability |
Microsoft Graphics Component | CVE-2018-8639 | Win32k Privilege Escalation Vulnerability |
Microsoft Office | CVE-2018-8587 | Microsoft Outlook Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8597 | Microsoft Excel Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8598 | Microsoft Excel Information Disclosure Vulnerability |
Microsoft Office | CVE-2018-8627 | Microsoft Excel Information Disclosure Vulnerability |
Microsoft Office | CVE-2018-8628 | Microsoft PowerPoint Remote Code Execution Vulnerability |
Microsoft Office | CVE-2018-8636 | Microsoft Excel Remote Code Execution Vulnerability |
Microsoft Office SharePoint | CVE-2018-8580 | Microsoft SharePoint Information Disclosure Vulnerability |
Microsoft Office SharePoint | CVE-2018-8635 | Microsoft SharePoint Server Privilege Escalation Vulnerability |
Microsoft Scripting Engine | CVE-2018-8583 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8617 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8618 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8624 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8625 | Windows VBScript Engine Remote Code Execution Vulnerability |
Microsoft Scripting Engine | CVE-2018-8629 | Chakra Scripting Engine Memory Corruption Vulnerability |
Microsoft Scripting Engine | CVE-2018-8643 | Scripting Engine Memory Corruption Vulnerability |
Microsoft Windows | CVE-2018-8649 | Windows Denial of Service Vulnerability |
Microsoft Windows DNS | CVE-2018-8514 | Remote Procedure Call runtime Information Disclosure Vulnerability |
Microsoft Windows DNS | CVE-2018-8626 | Windows DNS Server Heap Overflow Vulnerability |
Visual Studio | CVE-2018-8599 | Diagnostics Hub Standard Collector Service Privilege Escalation Vulnerability |
Windows Authentication Methods | CVE-2018-8634 | Microsoft Text-To-Speech Remote Code Execution Vulnerability |
Windows Azure Pack | CVE-2018-8652 | Windows Azure Pack Cross-Site Scripting Vulnerability |
Windows Kernel | CVE-2018-8477 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8611 | Windows Kernel Privilege Escalation Vulnerability |
Windows Kernel | CVE-2018-8612 | Connected User Experiences and Telemetry Service |
Windows Kernel | CVE-2018-8621 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8622 | Windows Kernel Information Disclosure Vulnerability |
Windows Kernel | CVE-2018-8637 | Win32k Information Disclosure Vulnerability |
Windows Kernel-Mode Drivers | CVE-2018-8641 | Win32k Privilege Escalation Vulnerability |
Please check your Windows Update to receive this patch as possible as soon.