As we reported last week, the December set of Patch Tuesday updates contains a double-digit quantity of security bulletins. In normal-speak, that means that Microsoft found a larger than normal number of flaws in its software this month that needed attention.
What is interesting is that instead of the fourteen bulletins that we had anticipated, Microsoft has only released thirteen. According to Qualys, “[t]he original anticipated 14th bulletin was for the BEAST attack, but did not make it in time for the holidays due to a last-minute software incompatibility uncovered during third-party testing.”
A total of three updates have been branded as ‘critical,’ and all impact Windows. One of the most important of those deals with the Duqu virus, solving a problem that was extant in how Windows handles TrueType font. There have been 99 bulletins this year, as the exclusion of the final bulletin this month kept the total tally below triple digits. If you have the sort of job that requires that you have intimate knowledge of just what is being fixed, head here. If you do not, just wait for Windows Update to take care of you.
As a final note, given that this is our last Patch Tuesday overview of 2011, I want to highlight the ‘Acknowledgments’ section that Microsoft publishes with each of its posts on the month’s updates. It contains a wealth of thanks, and shows just how distributed and important the larger technology community is. From the current edition:
That’s that for now, let’s hope that we don’t have to talk about security until January.