Big Patch Tuesday
It's the second Tuesday of the month. It
must be Patch Tuesday.
The
last Patch Tuesday of the year is a doozy, with seven new security
bulletins -- three of them critical. That's one more security bulletin
than the company promised last week in its
Advance
Bulletin Notification Service, when the company tells the IT world
what to expect on Patch Tuesday.
According to Symantec Security Response, the most critical bulletin of
the bunch is the one providing a cumulative patch for Internet Explorer.
The patch fixes a client-side code execution vulnerability. Says Oliver
Friedrichs, director of Symantec Security Response, "Today's release
from Microsoft reconfirms that client-side vulnerabilities are one of
the most efficient and well known methods by which computers can become
infected, therefore users are urged to install patches as soon as possible."
This Patch Tuesday has been closely watched by security experts because of the existence of a couple of zero-day exploits involving a couple of Microsoft Word flaws. Microsoft wasn't able to pull a patch together in this batch for those problems.
Posted by Scott Bekker on December 12, 2006