Microsoft releases security updates to patch 39 vulnerabilities its Windows operating systems and applications. One is a zero-day reported as being actively exploited in the wild by multiple hacking groups, including FruityArmor and SandCat APTs. Another is a denial-of-service issue in web applications built with theNET Framework that exists due to improper handling of special web requests. Users and system administrators are strongly recommended to apply the latest security patches as soon as possible to keep hackers away from taking control of their systems.
Source: https://thehackernews.com/2018/12/microsoft-patch-updates.html