In association with heise online

09 December 2011, 13:06

Microsoft's December Patch Tuesday should address Duqu worm

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Microsoft logo Microsoft has announced that it will release 14 bulletins, three of which are rated as critical by the company, as part of this month's upcoming Patch Tuesday on 13 December. These updates will address a total of 20 vulnerabilities across Windows, Office, Internet Explorer, Publisher and Windows Media Player.

The critical bulletins will close holes in Windows XP, Vista, Windows 7, Server 2003 and 2008 that could be exploited by an attacker to remotely inject code into a victim's system. These should include a fix for the Duqu bot which has spread by taking advantage of a vulnerability in the Windows kernel; Microsoft has been working on the Duqu security update since before November's Patch Tuesday, but it was not ready in time.

The remaining eleven bulletins are rated as important and fix remote code execution problems, as well as privilege escalation issues in Office 2003, 2007 and 2010; Office 2004, 2008 and 2011 for Mac; Publisher 2003 and 2007; and Internet Explorer. An updated version of the Microsoft Windows Malicious Software Removal Tool (MSRT) will be released at the same time.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit