December '10 Patch Tuesday: 17 Bulletins, 40 Vulnerabilities
Update: Details on the 2 critical bulletins are available here .
As part of the Patch Tuesday program (fixes and patches are released every second Tuesday of the month), Redmond-based software giant Microsoft will release a grand total of 17 security bulletins this December. These bulletins will address a grand total of 40 vulnerabilities that plague the Windows operating system, the Office productivity suite, the Internet Explorer web browser, Microsoft SharePoint, and Microsoft Exchange.
Out of the 14 bulletins, one is rated as moderate, fourteen are rated as important, and two are rated as critical. Microsoft employs a 4-tier rating system: low, moderate, important, and critical.
The moderate rating refers to vulnerabilities whose exploitability can be mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation. The important rating refers to vulnerabilities whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources. The critical rating refers to vulnerabilities whose exploitation could allow the propagation of an Internet worm without user action.
An advance notification for the December 2010 Patch Tuesday has been posted online here.
Since this month’s Patch Tuesday will be the last update of 2010, let’s take a look at the security bulletins Microsoft rolled out this year. More than 100 security bulletins were released this year and they addressed more than 200 vulnerabilities.
Here’s a breakdown of this year’s Patch Tuesday releases:
As part of the Patch Tuesday program (fixes and patches are released every second Tuesday of the month), Redmond-based software giant Microsoft will release a grand total of 17 security bulletins this December. These bulletins will address a grand total of 40 vulnerabilities that plague the Windows operating system, the Office productivity suite, the Internet Explorer web browser, Microsoft SharePoint, and Microsoft Exchange.
Out of the 14 bulletins, one is rated as moderate, fourteen are rated as important, and two are rated as critical. Microsoft employs a 4-tier rating system: low, moderate, important, and critical.
The moderate rating refers to vulnerabilities whose exploitability can be mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation. The important rating refers to vulnerabilities whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources. The critical rating refers to vulnerabilities whose exploitation could allow the propagation of an Internet worm without user action.
An advance notification for the December 2010 Patch Tuesday has been posted online here.
Since this month’s Patch Tuesday will be the last update of 2010, let’s take a look at the security bulletins Microsoft rolled out this year. More than 100 security bulletins were released this year and they addressed more than 200 vulnerabilities.
Here’s a breakdown of this year’s Patch Tuesday releases:
- In January Microsoft released just 1 security bulletin (6 vulnerabilities).
- In February Microsoft released a grand total of 13 security bulletins (26 vulnerabilities).
- In March Microsoft released only 2 bulletins (8 vulnerabilities).
- In April Microsoft released a total of 11 bulletins (25 vulnerabilities).
- In May Microsoft released just 2 bulletins (2 vulnerabilities).
- In June Microsoft released a grand total of 10 bulletins (34 vulnerabilities).
- In July Microsoft released only 4 bulletins (5 vulnerabilities).
- In August Microsoft released a grand total of 14 bulletins (34 vulnerabilities).
- In September Microsoft released only 9 bulletins (11 vulnerabilities).
- In October Microsoft released 16 bulletins (49 vulnerabilities), a record breaking Patch Tuesday.
- In November Microsoft released 3 bulletins (11 vulnerabilities).
- This December Microsoft will roll out 17 bulletins (40 vulnerabilities).
