Microsoft has delivered a notable package of security fixes in its final Patch Tuesday of the year, covering a variety of operating systems and add-ons.
Seven bulletins were released by Microsoft, with five ranked as critical and two as important. In total, they deal with 12 vulnerabilities, covering a range of Remote Code Execution (RCE) flaws in popular software.
One of those RCE flaws is resident in Internet Explorer, thanks to a memory corruption bug, whilst another lies in Microsoft Word, which results from the way in which the program parses RTF files. For the latter, experts believe exploit code will be made public soon, so teams should get patching.
As part of its security updates, Microsoft has also pushed out a new version of Flash in Internet Explorer 10, addressing three critical vulnerabilities. Adobe has put out its own patch too.
Security professionals have noted the decline in vulnerabilities addressed by Microsoft this year, which is being seen as a positive reflection on secure code, rather than a sign that Patch Tuesday isn’t as effective as it was. The graph below shows the significant drop in 2012 over the two previous years.
Microsoft pushed out 83 bulletins this year, down from 100 in 2011. “Maybe even more important than the raw numbers is the more regular release rhythm that Microsoft set this year. We see this as a clear sign of a more mature process,” Kandek added.
How well do you know Internet security? Try our quiz
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…