Microsoft previews January Patch Tuesday
Microsoft has announced that it will release seven bulletins, one of which is rated as critical, as part of this month's upcoming Patch Tuesday on 10 January. These updates will address a total of eight vulnerabilities in the company's Windows operating system and in its Developer Tools and Software.
According to Microsoft, the critical bulletin will close holes in Windows XP, Vista, Windows 7, Server 2003 and 2008 that could be exploited by an attacker to remotely inject code into a victim's system. Rated as "Important", the remaining bulletins will fix security bypass, remote code execution, privilege escalation and information disclosure issues in Windows, and Microsoft Developer Tools and Software.
Microsoft does not, however, say whether January's patch day will correct the SSL/TLS vulnerability disclosed in September; a fix was originally expected last month but was later postponed due to compatibility issues with third party products. As usual, an updated version of the Microsoft Windows Malicious Software Removal Tool (MSRT) will be released at the same time.
- Microsoft Security Bulletin Advance Notification for January 2012, bulletin from Microsoft.