The Channel logo

News

By | John Leyden 9th December 2011 11:31

Duqu vuln fix stars in bumper Patch Tuesday

Microsoft's Xmas gift to sysadmins: 14 security updates

Microsoft plans to deliver a festive hamper of 14 security updates next week, three of which are designed to tackle critical remote code execution flaws.

The critical updates plug serious holes in Windows XP, Vista, and (to a lesser extent) Windows 7. On the server side, both Windows 2003 and Windows 2008 are vulnerable, but only one vulnerability applicable is applicable to Windows 2008.

The final Patch Tuesday of 2011 is most notable for including a fix for the Windows vulnerability exploited by the Duqu (sibling of Stuxnet) worm. Five of the less severe yet "important" bulletins affect various versions of Office. The patch batch is also set to include security patches for Internet Explorer and Windows Media Player.

Although unveiling a fully laden hamper just before the holiday season is far from ideal, sysadmins can take heart from the fact that the percentage of Microsoft's patches addressing critical vulnerabilities has fallen from 70 per cent of security patches in 2006 to just 30 per cent this year, according to vulnerability management firm Lumension.

Microsoft's pre-alert notice is here. Additional commentary on the upcoming releases can be found from vulnerability scanning firm Qualys here. ®

alert Send corrections

Opinion

Privacy image

Frank Jennings

Two working parties, ministers galore... but data transfer law remains in limbo
EMC_Unity_bezel

Chris Evans

It does simplify the hardware setup, whatever it is
A microscopic view of the biometric shark skin. Pic: James Weaver

Chris Mellor

Do something and stop faffing about in the bush league

Kat Hall

International system in general needs greater transparency

Features

Nerd fail photo via Shutterstock
Shouting match
Single market vs. rest of the world
hacker
Mostly it's financial crime. Here's what all the cool kids' terms mean in English
Apple logo. Pic: Blake Patterson
Plenty of bumps in the 40-year road for Mac makers