Microsoft is prepping 17 patches to close 40 vulnerabilities as part of its December security update.
The update, due Tuesday, will close holes in Windows, Office, Internet Explorer (IE), SharePoint and Exchange, according to an advanced notification bulletin. Of the 17 bulletins, two are rated "critical", 14 are deemed "important" and one is designated "moderate."
The patch batch will close two publicly known issues: an elevation-of-privilege flaw that has been used in conjunction with Stuxnet attacks – public exploit code is available – and an IE bug that was being exploited in the wild on at least one legitimate website.
"We encourage customers to review this month's bulletins and to prioritize their installation according to the needs of their environment," Mike Reavey, director of the Microsoft Security Response Center, wrote in a blog post.
2010 likely will close with Microsoft releasing a total of 106 patches. Reavey said the high number is due to a number of factors, including increasing vulnerability research and the long periods of time that Microsoft supports its products.
See original article on scmagazineus.com
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Private AI vs Public AI: How your organisation can securely adopt AI without compromise and excessive cost
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
