Tenable releases coverage for December 2019 Microsoft Patch Tuesday

Microsoft closes out the last Patch Tuesday of the year for 2019 with a relatively smaller than usual number of CVE's getting patches. In this months update 36 CVE's were patched with only 7 being rated as critical.

One of the most important updates this month is CVE-2019-1458, an elevation of privilege vulnerability in Microsoft Windows that occurs when the Win23k component fails to properly handle objects in memory. An attacker who is able to log onto the system could execute a specially crafted application to exploit this flaw to run arbitrary code in kernel mode. Microsoft’s advisory notes this vulnerability has been exploited in the wild, and according to researchers Anton Ivanov and Alexey Kulaev of Kaspersky Lab is connected to another zero-day exploit in Google Chrome that the researchers disclosed in November.

Follow along as we discuss some of the important updates released this month by reading our blog.

Release Date:

10 December 2019