Microsoft patched a zero-day vulnerability that affected the AppX installer in Windows. The vulnerability allowed hackers to create packages to infect systems with malware. The patch was included in the December Patch Tuesday update.
https://www.notebookcheck.net/Microsoft-patches-spoofing-vulnerability-that-was-exploited-to-spread-malware.585647.0.html