Microsoft to fix 40 vulnerabilities in 2010's last Patch Tuesday

By on December 13, 2010, 9:00 AM
Microsoft’s last Patch Tuesday for 2010 is due tomorrow and it looks like system administrators will have their hands full in the run-up to the holiday break. According to its advance notification for the December batch of updates, the company plans to issue 17 bulletins addressing a total of 40 vulnerabilities – the biggest in its history, it seems. Only two have a maximum rating of critical, though, while 14 are designated as important and one is rated moderate.

The security bulletins cover a wide range of Microsoft software including all versions of Windows, as well as Internet Explorer, Microsoft Office, SharePoint, and Exchange. Among the vulnerabilities being addressed is a privilege escalation bug exploited by the infamous Stuxnet worm, as well as an Internet Explorer zero-day issue that the company warned users about last month and has seen some exploits in the wild.

As usual, there will also be an update for the Windows Malicious Software Removal tool as well as Windows Mail Junk Filter and “one or more non-security, high-priority updates.” Along with the announcement Microsoft Security Response Center director, Mike Ravey, offered a look back at 2010 revealing that the latest round of security bulletins puts the total at 106 for the year – up 43 percent from the 74 security bulletins deployed in 2009. More details will come with the release of the patches tomorrow, but in the meantime, Microsoft's advance notification can be found here.




User Comments: 12

Got something to say? Post a comment
vipor231 said:

does linux have these security issues? LOL this is very laughable and im shocked that windows is still selling...don't get me wrong windows 7 is great but cmon there should be less of these security issues

Darkshadoe Darkshadoe said:

vipor231 said:

does linux have these security issues? LOL this is very laughable and im shocked that windows is still selling...don't get me wrong windows 7 is great but cmon there should be less of these security issues

No..it is more like so few people use Linux and Apple OS that hackers think it is a waste of time. If Linux was just as popular as Windows, they would be patching it left and right. No OS is perfect.

Guest said:

Well said, Darkshadoe. Why fishing in the pond while there's a lake.

Guest said:

For your own information Linux is consistently been updated and patched.

http://arstechnica.com/open-source/news/2010/12/linux-kernel
13-million-lines-over-5-patches-per-hour.ars

fpsgamerJR62 said:

Is the author trying to take a dig at Microsoft too ? What's with the Band-Aid with the wrong side facing up on top of the Windows logo ?

bmaytum bmaytum said:

Actually, NOT so well said darkshadoe. You are quite right that Linux is not widely targeted because of relatively small userbase compard to Windoze. But moreover, linux is much more resistant to the access & permission rights escalation exploits widely-employed in Windoze attacks. And linux is also much more secure for blocking auto-replicating trojan & bot activities.

In any case I *do* commend Micro$oft for their continuing hard work to find and patch their problems - keep up that good work.!

Archean Archean, TechSpot Paladin, said:

But moreover, linux is much more resistant to the access & permission rights escalation exploits widely-employed in Windoze attacks.

Few years ago Linux was ahead of windows in discovery of security related holes per week (according to scania), now I haven't been able to follow things as I did in the past, but it sure says something about how secure Linux is, or for that matter any OS. I don't buy all that Linux is much more secured malarkey, because it isn't targeted as zealously as windows, nor it will be for a long time to come, because it isn't an OS which is suited to prime time for an average user. It is what I say a 'geek's OS'.

Guest said:

lol at the Linux fanbois...

Just take your head out of your asses. Every OS needs security updates...

Linux,windows, mac os...

If you are using Linux, just run update manager and see how many security updates there are.

yRaz yRaz said:

what is it with people hating updates today?

Guest said:

is this thing on?

windmill007 said:

I think Microsoft update should be forced to provide updates for other products as well...like Java and Flash and Acrobat...Since they are the software they exploit the most it only makes sense to keep them updated. Without them being part of windows update they are not easy to control especially in a business environment.

Guest said:

I only had to install 8 updates today, on Win 7 64bit.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.