Microsoft patches zero-day, other vulnerabilities
Microsoft issued 71 patches for December Patch Tuesday to address vulnerabilities including a zero-day bug in the Windows Common Log File System, which is under active exploit and could enable system-level privileges. Other critical vulnerabilities include a remote code execution flaw in Windows Lightweight Directory Access Protocol and one in Hyper-V that could allow code execution on the host operating system.
Full Story: Dark Reading (12/10)