Microsoft patched the lowest number of 'critical' security vulnerabilities since 2005.
The Redmond giant issued 99 security bulletins during 2011, with 13 released Tuesday during its final patch batch of the year.
Thirty-two percent of all bulletins issued this year were tagged with Microsoft's highest severity rating of critical. During the last six months of 2011, the percentage was lower, with 20 per cent of all patches listed as critical.
Not since 2004 when Microsoft first issued monthly security patches has the number of critical bulletins in a year been so low.
Moreover, in terms of absolute numbers, critical vulnerabilities – where exploitation could result in the spread of a worm without user action – are at their lowest levels since 2005.
“The fact that we're seeing lower percentages of critical issues and bulletins year-over-year demonstrates progress made by the product groups in creating more secure software,” Microsoft Security Response Center director Mike Reavey said.
Microsoft on Tuesday pushed out its final 13 patches of the year. Three of the bulletins were rated critical, including bulletin MS11-087, which corrects a bug that allows the data-stealing, control system-targeting Duqu trojan to spread.
This article originally appeared at scmagazineus.com
Mike Reavey, director of the Microsoft Security Response Center, said in a blog post Tuesday.
Copyright © SC Magazine, US edition
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.