Microsoft patched the lowest number of 'critical' security vulnerabilities since 2005.
The Redmond giant issued 99 security bulletins during 2011, with 13 released Tuesday during its final patch batch of the year.
Thirty-two percent of all bulletins issued this year were tagged with Microsoft's highest severity rating of critical. During the last six months of 2011, the percentage was lower, with 20 per cent of all patches listed as critical.
Not since 2004 when Microsoft first issued monthly security patches has the number of critical bulletins in a year been so low.
Moreover, in terms of absolute numbers, critical vulnerabilities – where exploitation could result in the spread of a worm without user action – are at their lowest levels since 2005.
“The fact that we're seeing lower percentages of critical issues and bulletins year-over-year demonstrates progress made by the product groups in creating more secure software,” Microsoft Security Response Center director Mike Reavey said.
Microsoft on Tuesday pushed out its final 13 patches of the year. Three of the bulletins were rated critical, including bulletin MS11-087, which corrects a bug that allows the data-stealing, control system-targeting Duqu trojan to spread.
This article originally appeared at scmagazineus.com
Mike Reavey, director of the Microsoft Security Response Center, said in a blog post Tuesday.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
