{"version":"1.0","provider_name":"OTAVA","provider_url":"https:\/\/www.otava.com","title":"December Microsoft Security Update","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"Fj1nQd8a32\"><a href=\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\">December Microsoft Security Update<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/embed\/#?secret=Fj1nQd8a32\" width=\"600\" height=\"338\" title=\"&#8220;December Microsoft Security Update&#8221; &#8212; OTAVA\" data-secret=\"Fj1nQd8a32\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.otava.com\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"December\u2019s Microsoft security updates were published Tuesday, the 11th. There were seven patches, predominantly regarding remote code execution in Office, Windows, and IE. In Internet Explorer there were critical vulnerabilities, the worst of which, caused by a user going to a malicious site, would allow a remote code execution, and has the potential to give the attacker the same permissions as the user. Another patch, this one for all supported releases of Microsoft Windows, addressed the way that that Window\u2019s kernel-mode drivers were handling objects in memory, in regards to vulnerabilities that could allow remote code execution by someone opening a specifically made document or going to a webpage that embeds TrueType or OpenType font files. Both require a restart. There was also a critical vulnerability within Microsoft Word that could allow an attacker to gain the same rights as a user if the user opened a specially crafted RTF file or previewed\/opened a specially crafted RTF email message in Outlook if Microsoft Word is the email viewer, triggering a remote code execution action. This is an interesting and particularly worrisome issue, because it doesn\u2019t require any sort of interaction from the user. They wouldn\u2019t have to actually click on..."}