December '10 Patch Tuesday: 17 Bulletins, 40 Vulnerabilities
Update: Details on the 2 critical bulletins are available here. As part of the Patch Tuesday program (fixes and patches are released every second Tuesday of the month), Redmond-based software giant Microsoft will release a grand total of 17 security bulletins this December. These bulletins will address a grand total of 40 vulnerabilities that plague the Windows operating system, the Office productivity suite, the Internet Explorer web browser, Microsoft SharePoint, and Microsoft Exchange.
Out of the 14 bulletins, one is rated as moderate, fourteen are rated as important, and two are rated as critical. Microsoft employs a 4-tier rating system: low, moderate, important, and critical.
SPONSORED LINKS
The moderate rating refers to vulnerabilities whose exploitability can be mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation. The important rating refers to vulnerabilities whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources. The critical rating refers to vulnerabilities whose exploitation could allow the propagation of an Internet worm without user action.
An advance notification for the December 2010 Patch Tuesday has been posted online here.
Since this month’s Patch Tuesday will be the last update of 2010, let’s take a look at the security bulletins Microsoft rolled out this year. More than 100 security bulletins were released this year and they addressed more than 200 vulnerabilities.
Here’s a breakdown of this year’s Patch Tuesday releases:
Update: Details on the 2 critical bulletins are available 