December’s Patch Tuesday is Microsoft’s lightest of the year, with only 36 vulnerabilities fixed. Today’s update addresses the way Win32k handles objects in memory. Kaspersky Labs discovered this zero-day while investigating Operation WizardOpium, which leverages a separate vulnerability in Google Chrome. New builds of Windows 10 are not affected because they contain measures to prevent the normal use of exploitable code. December’s patch Tuesday was Microsoft’s smallest security update this year and its lightest in a long time.”]