Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities.

Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot and more in the form of fake applications.

The patch came as part of the computing giant’s December Patch Tuesday update, which included a total of 67 fixes for security vulnerabilities. The patches cover the waterfront of Microsoft’s portfolio, affecting ASP.NET Core and Visual Studio, Azure Bot Framework SDK, Internet Storage Name Service, Defender for IoT, Edge (Chromium-based), Microsoft Office and Office Components, SharePoint Server, PowerShell, Remote Desktop Client, Windows Hyper-V, Windows Mobile Device Management, Windows Remote Access Connection Manager, TCP/IP, and the Windows Update Stack.

Seven of the bugs addressed are rated critical, six were previously disclosed as zero-days and 60 are considered “important.”

The update brings the total number of CVEs patched by Microsoft this year to 887, which is down 29 percent in volume from a very busy 2020.

Zero-Day Exploited in Wild

The zero-day (CVE-2021-43890) is an important-rated spoofing vulnerability in the Windows AppX Installer, which is a utility for side-loading Windows 10 apps, available on the App Store.

Kevin Breen, director

Read More: https://threatpost.com/exploited-microsoft-zero-day-spoofing-malware/177045/