December proved a busy month for
security updates
, with major tech players like Google, Microsoft, and Apple addressing critical vulnerabilities across their platforms. While Google took the lead by fixing 100 flaws, Microsoft came second with 30 and Apple with 12.
Google fixes Android bugs
According to a report by Wired, Google patched nearly 100 security issues, including two critical flaws in the framework.
The most severe of them could have allowed
remote attackers
to escalate their privileges without needing any additional permissions.
This vulnerability potentially allows an attacker to gain complete control over an affected device. Google urges users to update their devices as soon as possible.
Microsoft addresses RCE flaws
Microsoft also released a significant patch bundle for December, addressing over 30 vulnerabilities, including several remote code execution (RCE) flaws. One such high-impact vulnerability could have allowed attackers to trick users into accessing malicious links, software, or files, potentially compromising their systems.
Apple iOS 17.2 update for iPhones
Meanwhile, Apple released iOS 17.2, a major update addressing 12 vulnerabilities. One such vulnerability could potentially be exploited through the WebKit browser engine to execute malicious code.
Apple also identified a separate flaw in the iPhone's Kernel that could allow apps to bypass their sandboxes and gain increased privileges. Users are encouraged to update to iOS 17.2 to address these risks.
December's patch updates underscore the importance of keeping software up-to-date. This essentially means that users must be prompt in installing available updates as they minimise the risk of attackers exploiting vulnerabilities for malicious purposes.
This is especially crucial for widely used platforms like Android, Windows, and iOS, where vulnerabilities can have a significant impact on a large number of users.
English (US) ·