Patch Tuesday: 17 bulletins, 40 vulnerabilities - last of the year

Microsoft has issued an advanced notification for their last Patch Tuesday of the year, with a whopping 17 bulletins and 40 vulnerabilities. Out of the 17 bulletins, two are marked as "critical", Microsoft's highest security warning, 14 are labeled as "important" while the last one is marked as "moderate."

The update is scheduled for December 14, 2010, and will address a number of issues within Microsoft Windows, Internet Explorer, Microsoft Office, SharePoint and Exchange. The massive update comes just after Microsoft issued no patches for either Windows or Internet Explorer last month.

The bulletins will address a number of remote code execution, elevation of privilege, and denial of service.

The patches will fix vulnerabilities in the following software:

  • Windows XP SP3
  • Windows Vista SP1 & SP2
  • Windows 7
  • Windows Server 2003 SP2
  • Windows Server 2008 SP2
  • Internet Explorer 6
  • Internet Explorer 7
  • Internet Explorer 8
  • Microsoft Office XP SP3
  • Microsoft Office 2003 SP3
  • Microsoft Office 2007 SP2
  • Microsoft Office 2010
  • Microsoft Office SharePoint Server 2007 SP2
  • Microsoft Exchange Server 2007 SP2

Some of these updates will require a restart. Affected software includes both 32-bit and 64-bit, where applicable.

This is the first time Microsoft has released 17 bulletins, but it still doesn't match the the record breaking 49 vulnerabilities they patched back in October 2010.

Report a problem with article
Previous Story

Operation Payback Day 2: Teen boy arrested, more attacks planned

Next Story

Hands On: Google Cr-48 Chrome laptop

24 Comments

View more comments

What always makes me laugh, is when windows update tells you that "Installing this service pack, MIGHT require a restart."

warwagon said,
What always makes me laugh, is when windows update tells you that "Installing this service pack, MIGHT require a restart."


Yeah you would think they would know before you installed it if it was going to make you restart or not its almost as if they are just putting it there to cover themselves if something goes wrong.

warwagon said,
What always makes me laugh, is when windows update tells you that "Installing this service pack, MIGHT require a restart."

It's a generic statement to cover their bases. it's not updated each patch tuesday.

Maybe they'll update it when they can update anything without files being in use, etc.

warwagon said,
What always makes me laugh, is when windows update tells you that "Installing this service pack, MIGHT require a restart."

Should really read: "Installing this service pack, WILL require a restart."

warwagon said,
What always makes me laugh, is when windows update tells you that "Installing this service pack, MIGHT require a restart."

Suppose you are installing a update rollup with 10 updates in it and only 2 of them require restart. What if you already have them installed? You wouldn't need to restart then.

warwagon said,
What always makes me laugh, is when windows update tells you that "Installing this service pack, MIGHT require a restart."

It's a perfectly valid statement.

I've seen instances where, for example, installing a hotfix while IE or Office is running prompts you to restart at the end...whereas on another identical system where IE/Office is NOT running, you're not prompted.

So you may require a restart, depending on whether the hotfix installer can replace files that may or may not be in use.

_dandy_ said,

It's a perfectly valid statement.

I've seen instances where, for example, installing a hotfix while IE or Office is running prompts you to restart at the end...whereas on another identical system where IE/Office is NOT running, you're not prompted.

So you may require a restart, depending on whether the hotfix installer can replace files that may or may not be in use.

Yes, plus, depending on what other HFs or SPs you might have installed the requirement might or might not be there.

Well, when you break it down only the 2 critical ones are what stand out. Sure 40 might sound big but you have to put it into perspective.

LiquidSolstice said,

I hope you're joking

I hope not. IE6 is a huge security risk and very outdated as far as website rendering goes. Yes, there are a few places (China, some US companies) that use it because it doesn't display a lot of pages correctly, or they refuse to update their old web applications. But, it leaves a lot of vulnerabilities open. At the very least, they should start moving to IE8.

XMac said,
The patches will fix vulnerabilities in the following software:
* Internet Explorer 6

Who uses IE 6 anymore?

Almost everything government related in my country. Hell some of them are still running 2000 or 98.

KavazovAngel said,

Almost everything government related in my country. Hell some of them are still running 2000 or 98.


This is where Microsoft should stop supporting < Windows XP, maybe even stop releasing patches for Win XP too? Push Internet Explorer through Windows Updates, and stop supporting older browsers. It would support their move to ensourage people to buy the latest OS and use the latest technologies that they have spent millions of dollars producing.

Community Centers, some libraries, places where elderly people or where no one bothers updating windows or using window updates.

P.S. Whoops wrong reply button towards Xmac.

Ugh. Another month, another tonne of updates. Really could have done with last months almost non-existent patch payload this month instead!

Chicane-UK said,
Ugh. Another month, another tonne of updates. Really could have done with last months almost non-existent patch payload this month instead!

Hahha.

Double edged sword, but if I have to choose a side, I'll take the tonne of updates one.

KavazovAngel said,

Hahha.

Double edged sword, but if I have to choose a side, I'll take the tonne of updates one.

Same here any day of the week!

Who cares about having to reboot anyway. What, is your computer so slow it takes a day and half to restart?

Finishing the year with a bang though!!

cork1958 said,

Same here any day of the week!

Who cares about having to reboot anyway. What, is your computer so slow it takes a day and half to restart?

Finishing the year with a bang though!!


hahahaha, nice burn

XMac said,
The patches will fix vulnerabilities in the following software:
* Internet Explorer 6

Who uses IE 6 anymore?


Argos stores in the UK

Hey Microsoft,

You did great with Windows 7. Keep it up! But since it's almost 2011, can we get updates that we don't have to reboot for? It's pointless and unnecessary. Unload the **** dynamically and let us get back to our work.

Installing the update may cause system hangs or lockups and result in SWAT and nuclear strike teams targeting your location.

Diclaimer:

Microsoft will never disclose any personal information such as your location, name or email address or other sensitive information such as the model of your computer. all information is submitted over an unencrypted connection to confuse people, as the would assume it is encrypted.

Commenting is disabled on this article.