Subscribe

Microsoft Release 67 Fixes For December Patch Tuesday

December 15, 2021

In Microsoft’s December issue of Patch Tuesday, the tech giant released 67 security fixes for software problems.

These problems include issues in software include Remote Code Execution (RCE) vulnerabilities, privilege escalation security flaws, spoofing bugs, and denial-of-service issues.

For the most serious vulnerabilities, 6 of them have been fixed in the security update, including a flaw said to be exploited in the wild.

The bugs include CVE-2021-43890, a Windows AppX Installer Spoofing zero-day vulnerability with a severity of 7.1, CVE-2021-41333, a Windows Print Spooler Elevation of Privilege vulnerability with a CVSS score of 7.8, CVE-2021-43380, and a Windows Mobile Device Management Elevation of Privilege (EoP) vulnerability.

Others are CVE-2021-43893 with a CVSS score of 7.5, CVE-2021-43240 an NTFS Set Short Name elevation of privilege bug with a severity score of 7.8, CVE-2021-43883, a zero-day flaw impacting Windows Installer. The flaw has a severity of 7.8.

Apart from the above vulnerabilities, another 16 CVEs have been patched in the Chromium-based Edge browser.

For more information, read the original story in ZDNet.

Top Stories

Key U.S. data center law faces expiration with no replacement in sight

Starlink introduces $10 monthly hardware rental fee

Hackers used Meta’s AI support bot to hijack 20,000 Instagram accounts

Meta faces backlash after facial recognition code found in smart glasses app

Apple reportedly taps Google Gemini and Nvidia Blackwell Chips for new Siri

Researchers warn AI coding agents can be manipulated through hidden skill files

Related Articles

Hackers used Meta’s AI support bot to hijack 20,000 Instagram accounts

June 9, 2026 Hackers exploited Meta’s AI-powered support chatbot to gain control of Instagram accounts, including several high-profile profiles. Meta more...

New ‘HTTP/2 Bomb’ attack can crash major web servers from a single computer

June 5, 2026 Security researchers have disclosed a new denial-of-service attack called HTTP/2 Bomb that can overwhelm major web servers more...

CISA exposed internal passwords and cloud keys in public repository

May 20, 2026 The Cybersecurity and Infrastructure Security Agency, the arm of the U.S. government tasked with protecting critical infrastructure more...

Canvas restores service after cyberattack disrupted schools and universities

May 11, 2026 Instructure has restored access to its Canvas learning platform after a cyberattack disrupted service for universities and more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn