Microsoft Security Bulletin Summary for December 2011

On Tuesday December 13th, while I was driving from Iowa to Oklahoma City, Microsoft released 13 security bulletins. Three of them are rated as “critical” and 10 rated as “important”.

Critical:

  • MS11-087 – Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417)
  • MS11-090 – Cumulative Security Update of ActiveX Kill Bits (2618451)
  • MS11-092 – Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)

Important:

  • MS11-088 – Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016)
  • MS11-089 – Vulnerability in Microsoft Office Could Allow Remote Code Execution (2590602)
  • MS11-091 – Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2607702)
  • MS11-093 – Vulnerability in OLE Could Allow Remote Code Execution (2624667)
  • MS11-094 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2639142)
  • MS11-095 – Vulnerability in Active Directory Could Allow Remote Code Execution (2640045)
  • MS11-096 – Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2640241)
  • MS11-097 – Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712)
  • MS11-098 – Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171)
  • MS11-099 – Cumulative Security Update for Internet Explorer (2618444)

A more technical version of the Security Bulletin can be found at Microsoft TechNet and an end-user version is available at Microsoft’s Safety & Security Center website.

Also, check for updates at Microsoft Update.

See also the MSRC blog: The December bulletins are released.

More information is available at the website of Microsoft Security Response Center.

Still from the desk at my favorite Starbucks store in Oklahoma City. Next month we’ll be back from the Seattle area.

A Merry Christmas and Happy and Secure New Year to all…

Leave a Reply

Your email address will not be published. Required fields are marked *