For December's Patch Tuesday, both Microsoft and Adobe patched numerous critical vulnerabilities. Adobe patched 31 vulnerabilities across 9 different product lines, including a Flash zero-day, which could lead to code execution, and which has been exploited in the wild. Microsoft patched a half-dozen critical browser vulnerabilities; most of which are remote code execution vulnerabilities.
The UCLA Information Security Office recommends that these patches be applied as soon as practical through Automatic Updates for standalone Windows workstations or through a centralized patching solution for enterprise workstations.