The Microsoft December 2023 security updates have been released and consist of 29 new patches. In addition, multiple Chromium bugs are being incorporated into the release, bringing the total number of CVEs to 42.
Of the CVEs released, 4 are rated critical and 29 are rated important. At the time of release, none of the CVEs are listed as being under active attack or as publicly known.
The security updates apply to the following products, features and roles: Microsoft Windows and Windows Components; Office and Office Components; Azure, Microsoft Edge (Chromium-based); Windows Defender; Windows DNS and DHCP server; and Microsoft Dynamic.
See the list of KBs at the bottom of the page at December 2023 Security Updates - Release Notes - Security Update Guide - Microsoft for information regarding known issues with the security updates as well as the CVEs with FAQs, Mitigations and/or Workarounds. For specific information on Windows 11, versions 23H2 and 22H2, see KB5033375. For Windows 10, Version 22H2 see KB5033372.
Recommended Reading: See Dustin Childs review and analysis in Zero Day Initiative -- The December 2023 Security Update Review.
IMPORTANT:
- After February 2024, there are no more optional, non-security preview releases for Windows 11, version 22H2. Only cumulative monthly security updates (known as the "B" or Update Tuesday release) will continue for this version. Windows 11, version 23H2 and Windows 10, version 22H2 will continue to receive security and optional releases.
- Because of reduced operations during the Western holidays and the upcoming new year, there won’t be a non-security preview release for the month of December 2023. Non-security preview releases will resume in January 2024.
Additional Update Notes:
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...