Nearly a billion of Android users - over half of the total number of worldwide users - are in danger of being targeted by cyber attackers exploiting vulnerabilities in WebView, as Google has decided not to provide security patches for the core component used in pre-KitKat (v4.4) versions of the mobile OS.
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols.
Microsoft's Advanced Notification Service (ANS), which for over a decade provided advanced warning about the patches and updates that the company would push out on its monthly Patch Tuesday, will no longer be available through blog posts and on the web page reserved for the final advisory.
A critical vulnerability affecting all versions of the official Git client and all related software that interacts with Git repositories has been found and patched, and developers are advised to update their software as soon as possible.
December’s advanced Patch Tuesday brings us seven advisories, three of which are listed as Critical.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.