Microsoft has issued fixes for 36 CVEs for December 2019 Patch Tuesday across a range of products. Seven of them are rated critical, 28 are rated important, and one that’s already being exploited in the wild as a zero-day bug. Microsoft’s scheduled security update this month is relatively light, and includes patches for Microsoft Windows, Internet Explorer, Microsoft Office and related apps, SQL Server, Visual Studio and Skype for Business. The December Patch Tuesday addressed seven bugs that are critical, including seven that are rated as important in severity.
Source: https://threatpost.com/microsoft-actively-exploited-zero-day-bug/150992/