Hello, welcome to the Wednesday, December 13th,

2003 edition of the Sansonet Storm Center's Stormcast. My name is Johannes Ulrich,

and then I'm recording from Washington, D.C. It's Microsoft Patch Tuesday, and luckily,

for December, we don't have too many vulnerabilities to worry about here for the holidays.

Total of 35 different Microsoft vulnerabilities that are being addressed in this particular update.

And then we have in addition to that five chromium patches that of course went into Microsoft Edge.

Among the patches that are being offered here today, we got four critical patches to affect

internet connection sharing and could lead to remote code execution. We have one in the

Microsoft Power Platform and the fourth

and last one in Windows MSHtml. That's also a remote code execution vulnerability.

Wouldn't really consider any of them sort of a must patch now vulnerability, but definitely,

you know, as all critical vulnerabilitiesables get around to them and apply the patches one of the warnabillies CVE 20203 2588 has already been

made public now this is one of those AMD-specific speculative execution vulnerabilities, meaning an

informational leakage vulnerability, not currently being exploited.

It's the same family as many of these sort of specter usually called CPU vulnerabilities. The reason of vulnerability like this shows up in Microsoft's

patch Tuesday is that this patch will include updated microcode for affected CPUs. And Microsoft

also published a blog post with details regarding the abuse of Oath applications.

Oath, of course, is well respected, even though a sometimes complex authentication mechanism

that allows you to delegate privileges to an application.

This is being abused here in first

compromising a particular user's account the old way via password brute forcing or machine in the

middle attacks. There are a couple of different scenarios that Microsoft outlines in this respect.

...