Microsoft has wrapped up 2010 with a real bang as far as the volume of security vulnerabilities goes.

The company released no less than 17 security bulletins in December 2010, patching no less than 40 vulnerabilities.

However, just a couple of the patch packages are rated Critical, which means that the security holes they’re designed to plug can allow attackers to execute code remotely on a vulnerable computer and gain control over the machine.

The updates resolve security flaws in a range of products, including Office, Windows, Internet Explorer, SharePoint Server and Exchange.

Jerry Bryant, group manager, response communications, Microsoft was kind enough to provide a complete list with all the security bulletins issued by the software giant this month, which customers will be able to find below.

With just two bulletins rated Critical, 14 have been labeled Important and the remaining one is just Moderate.

Customers are of course advised to deploy the updates as soon as possible, with the Redmond giant highlighting two security bulletins as priorities.

“Microsoft recommends that systems administrators prioritize the following Critical bulletins: MS10-090 addressing vulnerabilities in Internet Explorer; and MS10-091 addressing vulnerabilities in Windows,” Bryant explained.

It’s critical to note that Microsoft issued patches for a zero-day vulnerability affecting Internet Explorer (but not IE9 Beta) and also for a flaw which has been exploited by the Stuxnet malware.

The company warned of attacks detected in the wild and designed to leverage both Critical vulnerabilities in order to infect computers with malicious code.

The December 2010 Security Bulletin Overview video featuring Bryant is available here.

Microsoft December Security Bulletins:

·         MS10-090 addresses seven vulnerabilities in Internet Explorer; it has a maximum severity rating of Critical and an Exploitability Index rating of 1.

·         MS10-091 addresses three vulnerabilities in Windows; it has a maximum severity rating of Critical and an Exploitability Index rating of 1.

·         MS10-092 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-093 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-094 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-095 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-096 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-097 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-098 addresses six vulnerabilities in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-099 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-100 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-101 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 3.

·         MS10-102 addresses one vulnerability in Windows; it has a maximum severity rating of Important and an Exploitability Index rating of 3.

·         MS10-103 addresses five vulnerabilities in Office; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-104 addresses one vulnerability in Office; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-105 addresses seven vulnerabilities in Office; it has a maximum severity rating of Important and an Exploitability Index rating of 1.

·         MS10-106 addresses one vulnerability in Exchange; it has a maximum severity rating of Moderate and an Exploitability Index rating of 3.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>