Security patches are still arriving thick and fast in December even though the holiday season is almost over. The month has seen updates from Apple, Microsoft, and others.
It's important that the patches are applied as soon as possible because many of them fix zero-day vulnerabilities. In December, there were a lot of patches.
There are two operating systems for the Apple iPad and Apple iOS and iPadOS.
There was a major point upgrade to the operating system in December. The update comes with features, but it also fixes 35 security vulnerabilities.
None of the issues patched iniOS 16.2 are known to have been used in attacks. There are two flaws in the engine that powers Apple'sSafari browser, which could allow an attacker to execute code.
The flaw that can be used in attacks was fixed in the latest version of the software. According to Apple, the vulnerability could allow an attacker to execute code. The same flaw was fixed by Apple at the end of the month.
Apple has been giving security updates to people who don't want to upgrade to the new operating system. If you have an older version of the phone, you need to upgrade to the newer version of the phone.
macOS Ventura, watchOS 9.2, tvOS 16.2, macOS Big sur, and macOS Monterey were all released by the company.
There is a mobile operating system called "Android."
During the month of December, there were dozens of security vulnerabilities that were fixed. There is a critical vulnerability in the System component that could lead to remote code execution over Bluetooth with no additional execution privileges needed.
There are two critical flaws in theAndroid Framework component. There were a number of bugs patched by the company.
It is possible to get the December patch for the devices of both companies.
There is a new version of the browser, called Chrome108.
The ninth zero-day vulnerability of the year has been fixed by an emergency update for the chrome browser. There is a high-severity type confusion issue that could allow a remote attacker to exploit heap corruption. The browser maker said that there was an exploit in the wild.
The emergency update came just days after the release of Chrome. Several use-after-free bugs are among the fixes. None of these vulnerabilities have been used in an attack. It is a good idea to update chrome as soon as possible because the latest bug is in the hands of attackers.
There is a Microsoft patch Tuesday.
Microsoft patched 49 security vulnerabilities, including a flaw that was used in attacks. The issue is a Windows Smart Screen security feature that could lead to loss of integrity and availability.
Microsoft said that an attacker can craft a malicious file that will evade Mark of the Web defenses and result in a limited loss of integrity and availability of security features.