Hello everyone：

1. Microsoft launched the December 2023 routine security update patch package "Patch Tuesday", which fixed a total of 34 security vulnerabilities; including 1 0day vulnerability that has been exploited by hackers.
2. There is a serious vulnerability in the WordPress backup plug-in Backup Migration, which allows hackers to remotely execute arbitrary code.
3. Google received notification from an external organization and found that the Chrome browser has a high-risk 0day (vulnerability number: CVE-2024-0519). Emergency repair operations were carried out immediately, and the vulnerability was simultaneously released to Windows, Mac and Linux system users. Updated versions have been released, namely "120.0.6099.224/225", "120.0.6099.234" and "120.0.6099.224".

If the user has not received a system update notification, they can also manually update to ensure that the device is in the latest version and reduce the security risk of personal information being stolen.

Related Articles:
https://www.twcert.org.tw/tw/cp-104-7651-6abff-1.html
https://www.twcert.org.tw/tw/cp-104-7653-0096a-1.html
https://www.twcert.org.tw/tw/cp-104-7663-64a87-1.html

For more question about information security, please directly consult with Computer Center, at rogeryu@mail.ntust.edu.tw or applechang@mail.ntust.edu.tw