Microsoft is rolling out the last Windows patch of the year. The December 2023 patch follows a Microsoft Edge December patch released earlier this month and includes fixes for 34 flaws and a zero-day AMD CPU vulnerability.
The December 2023 patch Microsoft is rolling out now fixes ten elevations of privilege vulnerabilities, eight remote code execution vulnerabilities, six information disclosure vulnerabilities, five denial of service vulnerabilities, and five spoofing vulnerabilities.
Microsoft addresses AMD CPU issue that AMD left out
In addition, Microsoft is fixing a “division-by-zero” issue concerning AMD CPUs. The zero-day vulnerability was revealed in August, but AMD didn't provide a fix. At that time, the company labeled the issue as low threat and recommended “following software development best practices” (via Bleeping Computer).
Galaxy Book users need not worry about this zero-day vulnerability, as Samsung's Windows laptops are powered by Intel CPUs rather than AMD's.
As for the other issues patched by Microsoft's December 2023 release, only three of eight remote code execution flaws were labeled critical. In addition, only one spoofing vulnerability — affecting Power Platform — was deemed critical.
