Microsoft has issued an advanced notification for their last Patch Tuesday of the year, with a whopping 17 bulletins and 40 vulnerabilities. Out of the 17 bulletins, two are marked as "critical", Microsoft's highest security warning, 14 are labeled as "important" while the last one is marked as "moderate."
The update is scheduled for December 14, 2010, and will address a number of issues within Microsoft Windows, Internet Explorer, Microsoft Office, SharePoint and Exchange. The massive update comes just after Microsoft issued no patches for either Windows or Internet Explorer last month.
The bulletins will address a number of remote code execution, elevation of privilege, and denial of service.
The patches will fix vulnerabilities in the following software:
- Windows XP SP3
- Windows Vista SP1 & SP2
- Windows 7
- Windows Server 2003 SP2
- Windows Server 2008 SP2
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Microsoft Office XP SP3
- Microsoft Office 2003 SP3
- Microsoft Office 2007 SP2
- Microsoft Office 2010
- Microsoft Office SharePoint Server 2007 SP2
- Microsoft Exchange Server 2007 SP2
Some of these updates will require a restart. Affected software includes both 32-bit and 64-bit, where applicable.
This is the first time Microsoft has released 17 bulletins, but it still doesn't match the the record breaking 49 vulnerabilities they patched back in October 2010.