CVE-2023-20588: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

CVE-2023-1079 [MEDIUM] linux-azure, linux-azure-4.15 vulnerabilities linux-azure, linux-azure-4.15 vulnerabilities It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use thi

CVE-2023-20588 [MEDIUM] linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds

CVE-2023-1079 [MEDIUM] linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects,

CVE-2023-20588 [MEDIUM] linux-aws vulnerabilities linux-aws vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863)

CVE-2022-45886 [HIGH] linux-nvidia-6.2 vulnerabilities linux-nvidia-6.2 vulnerabilities Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-45886, CVE-2022-45919) Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45887) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS im

CVE-2023-20588 [MEDIUM] linux-intel-iotg, linux-intel-iotg-5.15, linux-oracle, linux-oracle-5.15 vulnerabilities linux-intel-iotg, linux-intel-iotg-5.15, linux-oracle, linux-oracle-5.15 vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker c

CVE-2023-20588 [MEDIUM] linux-raspi vulnerabilities linux-raspi vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or

CVE-2023-20588 [MEDIUM] linux-bluefield, linux-raspi, linux-raspi-5.4 vulnerabilities linux-bluefield, linux-raspi, linux-raspi-5.4 vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a de

[MEDIUM] linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, lin linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283)

CVE-2023-20588 [MEDIUM] linux-oem-6.1 vulnerabilities linux-oem-6.1 vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569)

[MEDIUM] linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service

[MEDIUM] linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2, linux-hwe-6.2, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-ora linux, linux-aws, linux-aws-6.2, linux-azure, linux-azure-6.2, linux-azure-fde-6.2, linux-gcp, linux-gcp-6.2, linux-hwe-6.2, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-oracle, linux-raspi, linux-starfive vulnerabilities Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS. (CVE-2023-21264) It was discovered that the bluetooth subsyst

CVE-2023-20588 [MEDIUM] CVE-2023-20588: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

CVE-2023-20588 [MEDIUM] CWE-369 GHSA-6h77-2hc9-qm3w: A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

CVE-2023-20588 [MEDIUM] Linux kernel (Azure) vulnerabilities Title: Linux kernel (Azure) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, l

CVE-2023-20588 [MEDIUM] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (system crash). (CVE-2023-1079) Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading t

CVE-2023-20588 [MEDIUM] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certai

CVE-2023-45863 [MEDIUM] Linux kernel (AWS) vulnerabilities Title: Linux kernel (AWS) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) Instructions: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an una

CVE-2023-20588 [MEDIUM] AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice FAQ: Why is this AMD CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in certain processor models offered by AMD. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide protection against the vulnerability. Please see the following for more information: AMD-SB-7007 Chipsets: Chipsets AMD: AMD Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5033371 Refe

CVE-2023-3772 [HIGH] Linux kernel (NVIDIA) vulnerabilities Title: Linux kernel (NVIDIA) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-45886, CVE-2022-45919) Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45887) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in c

CVE-2022-1304 [HIGH] Citrix Hypervisor Multiple Security Updates Citrix Hypervisor Multiple Security Updates of Problem Several issues have been discovered that affect Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to: i) Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326 ii) Compromise the host when a specific administrative action is taken (see CVE References: CVE-2022-1304, CVE-2023-20588, CVE-2023-34324, CVE-2023-34326, CVE-2023-34327 Affected Products: Citrix Hypervisor, XenServer Severity: High Remediation: We have released hotfixes to address these issues. We recommend that affected customers install these hotfixes and follow the instructions in the linked articles as their update schedule permits. The hotfixes can be downloaded from the following locations: CTX575070 - https://su

CVE-2023-4128 [MEDIUM] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A loc

CVE-2023-4128 [MEDIUM] Linux kernel (Raspberry Pi) vulnerabilities Title: Linux kernel (Raspberry Pi) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnera

CVE-2023-4128 [MEDIUM] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A loc

CVE-2023-4569 [MEDIUM] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283) It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A loc

CVE-2023-40283 [MEDIUM] Linux kernel vulnerabilities Title: Linux kernel vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS. (CVE-2023-21264) It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to

CVE-2023-20588 [MEDIUM] Linux kernel (OEM) vulnerabilities Title: Linux kernel (OEM) vulnerabilities Summary: Several security issues were fixed in the Linux kernel. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569) Instructions: After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel

CVE-2023-20588 [MEDIUM] CWE-369 hw: amd: division-by-zero may resulting in loss of confidentiality hw: amd: division-by-zero may resulting in loss of confidentiality A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. A division-by-zero error was found in hw on some AMD processors. This flaw can potentially return speculative data, resulting in loss of confidentiality. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. Package: kernel (Red Hat Enterprise Linux 6) - Not affected Package: kernel (Red Hat Enterprise Linux 7) - Not affected Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected Package: kernel (R

CVE-2023-20588 [MEDIUM] CVE-2023-20588: linux - A division-by-zero error on some AMD processors can potentially return speculati... A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Scope: local bookworm: resolved (fixed in 6.1.52-1) bullseye: resolved (fixed in 5.10.197-1) forky: resolved (fixed in 6.4.13-1) sid: resolved (fixed in 6.4.13-1) trixie: resolved (fixed in 6.4.13-1)

CVE-2023-36019 18th December – Threat Intelligence Report Latest Publications CPR Podcast Channel AI Research Web 3.0 Security Intelligence Reports ThreatCloud AI Threat Intelligence & Research Zero Day Protection Sandblast File Analysis About Us SUBSCRIBE 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 ## 18th December – Threat Intelligence Report For the latest discoveries in cyber research for the week of 18th December, please download our Threat_Intelligence Bulletin . TOP ATTACKS AND BREACHES Ukraine’s largest mobile operator, Kyivstar, was hit by “largest cyber-attack on telecom infrastructure in the world”, rendering millions without mobile and internet services for at least 48 hours. Reportedly, the attack also affected air raid sirens, ATMs, and point-of-sale terminals. Russia-affiliated group Solntsepek

The December 2023 Security Update Review # The December 2023 Security Update Review Get the December 2023 security update and review. By: Zero Day Initiative 2023/12/12 Read time: ( words) Save to Folio It’s the final patch Tuesday of 2023, and Apple, Adobe, and Microsoft have released their latest security offerings. Take a break from your holiday hustle and join us as we review the details of their latest advisories. If you’d rather watch the video recap, you can check it out here: Apple Patches for December 2023 Apple kicked off the December release cycle with patches for iOS and iPadOS with eight CVEs. Two of these CVEs in Webkit are reported as being under active attack on iOS versions 16.7.1 and older. If you’re using an older iPhone or iPad, you should definitely update your device immediately. If you’re using a dev

[CRITICAL] Microsoft’s December 2023 Patch Tuesday Addresses 33 CVEs (CVE-2023-36019) ## Cloud Exposure Tenable Cloud Security (CNAPP) Request a demo Tenable Cloud Vulnerability Management Request a demo Tenable CIEM Request a demo Secure your cloud ## Vulnerability Exposure Tenable Vulnerability Management Try for free Tenable Security Center Request a demo Tenable Web App Scanning Try for free Tenable Patch Management Request a demo Tenable Enclave Security Request a demo Tenable Attack Surface Management Request a demo Tenable Nessus Try for free ## AI Exposure Tenable AI Exposure Request a demo ## OT/IoT Exposure Tenable OT Security Request a demo ## Identity Exposure Tenable Identity Exposure Request a demo ## Business needs Active Directory AI Security Posture Management (AI-SPM) AWS security Azure security Cloud Security Posture Man

Microsoft and Adobe Patch Tuesday, December 2023 Security Update Review ## Table of Contents Microsoft Patch Tuesday for December 2023 Adobe Patches for December 2023 Zero-day Vulnerability Patched in December Patch Tuesday Edition Other Critical Severity Vulnerabilities Patched in December Patch Tuesday Edition Other Microsoft Vulnerability Highlights Microsoft Release Summary Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR) Rapid Response with Patch Management (PM) Qualys Monthly Webinar Series Microsoft has wrapped up the year with fewer security updates released in its Patch Tuesday, December 2023 edition. We invite you to join us to review and discuss the details of these security updates and patches. ## Microsoft Patch Tuesday for December 2023 In this month’s Patch Tuesday edition, Microsoft ha

Qualys Review: Microsoft and Adobe December Security Patches | Qualys #### Table of Contents - Microsoft Patch Tuesday for December 2023 - Adobe Patches for December 2023 - Zero-day Vulnerability Patched in December Patch Tuesday Edition - Other Critical Severity Vulnerabilities Patched in December Patch Tuesday Edition - Other Microsoft Vulnerability Highlights - Microsoft Release Summary - Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR) - Rapid Response with Patch Management (PM) - Qualys Monthly Webinar Series Microsoft has wrapped up the year with fewer security updates released in its Patch Tuesday, December 2023 edition. We invite you to join us to review and discuss the details of these security updates and patches. ## Microsoft Patch Tuesday for December 2023 In this month’s Patch Tuesday edition,

[MEDIUM] Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day ## Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day ## Lawrence Abrams 10 Elevation of Privilege Vulnerabilities 8 Remote Code Execution Vulnerabilities 6 Information Disclosure Vulnerabilities 5 Denial of Service Vulnerabilities 5 Spoofing Vulnerabilities The total count of 34 flaws does not include 8 Microsoft Edge flaws fixed on December 7th. To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5033375 cumulative update and Windows 10 KB5033372 cumulative update . ## One publicly disclosed zero-day fixed This month's Patch Tuesday fixes one AMD zero-day vulnerability disclosed in August that previously remained unpatched. The ' CVE-2023-20588 - AMD: CVE-2023-20588 AMD Speculative Leaks ' vul

CVE-2026-20929 [HIGH] December 2023 Patch Tuesday: Updates and Analysis STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026 STARDUST CHOLLIMA Likely Compromises Axios npm Package Apr 01, 2026 Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Apr 01, 2026 Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse Mar 31, 2026 How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem Mar 25, 2026 Video Highlights the 4 Key Steps to Successful Incident Response Dec 02, 2019 Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VI