Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot and more in the form of fake applications.
The patch came as part of the computing giant’s December Patch Tuesday update, which included a total of 67 fixes for security vulnerabilities. The patches cover the waterfront of Microsoft’s portfolio, affecting ASP.NET Core and Visual Studio, Azure Bot Framework SDK, Internet Storage Name Service, Defender for IoT, Edge (Chromium-based), Microsoft Office and Office Components, SharePoint Server, PowerShell, Remote Desktop Client, Windows Hyper-V, Windows Mobile Device Management, Windows Remote Access Connection Manager, TCP/IP, and the Windows Update Stack.
Seven of the bugs addressed are rated critical, six were previously disclosed as zero-days and 60 are considered “important.”
Read more…
Source: ThreatPost