Microsoft released 11 bulletins in December Patch Tuesday

Microsoft issued the last security advisory for this year, 11 security bulletins have been released to address five critical vulnerabilities in Internet Explorer, Windows operating system, Microsoft Exchange and GDI+. The remaining six bugs are rated as important and they fix vulnerabilities in Microsoft SharePoint, Windows operating system, Microsoft Office and Developer Tools.

Four of the security updates require a system reboot and the MS13-096 security patch is at a higher importance as this security update resolves a publicly disclosed vulnerability that is widely exploited using automated exploit. MS13-097 security update resolves seven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer, An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user.

MS13-098 bulletin patches vulnerability that allow remote code execution if a user or application runs or installs a specially crafted, signed portable executable (PE) file on an affected system. While if you are using Microsoft exchange server at your infrastructure MS13-105 resolves three publicly disclosed vulnerabilities and one privately reported vulnerability that could allow remote code execution in the security context of the LocalService account if an attacker sends an email message containing a specially crafted file to a user on an affected Exchange server.

Make sure to patch all critical vulnerabilities as they allow a malicious user to run a remote code on vulnerable systems. You can have more information about Microsoft Security Bulletin Summary for December 2013 by following this link: http://technet.microsoft.com/en-us/security/bulletin/ms13-dec

Share