<ul><li>Microsoft has released its December Patch Tuesday cumulative update, which includes a fix for a worrying zero-day vulnerability that was being actively exploited in the wild.</li><li>The bug is a heap-based buffer overflow vulnerability in the Windows Common Log File System driver, tracked as CVE-2024-49138, and can be used to fully take over vulnerable systems.</li><li>US agencies have warned about the vulnerability, and it has been added to the Known Exploited Vulnerabilities catalog.</li><li>Microsoft also patched a total of 71 vulnerabilities, including 16 critical ones, in their December Patch Tuesday update.</li></ul>

Microsoft patches worrying zero-day along with 71 other flaws

Discover more