December’s Patch Tuesday will include seven security bulletins: five critical and two important.
Bulletin 1 is rated critical and affects Internet Explorer 9 and 10 on all platforms that support IE 9 and IE10, starting at Vista all the way to Windows 8 and RT.
Bulletin 2, which is also rated critical, applies to all versions of Windows and again includes both Windows 8 and Windows RT.
Bulletin 3 affects Microsoft Word and is rated critical, which happens very rarely. Usually Microsoft downgrades even Remote Code Execution Office vulnerabilities to ‘important,’ because a user interaction, such as opening a malicious file is required.
Bulletin 4 is a critical fix for Microsoft server software products and it includes Exchange and SharePoint, plus an update for Microsoft Office Web Apps 2010 Service Pack 1.
(Meanwhile a problem is reported with a windows API called GetGlyphOutline() is reported in Microsoft’s automatic patch update MS12-078/KB 2753842 ia Microsoft-designated critical patch that “resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Windows. For certain fonts. it fails to return the memory size needed to extract a character’s glyph’s curves. That means that any application trying to convert character to curves will fail in applications like Corel Draw that use Open Type fonts with Postscript outlines.)
