Microsoft Patch Tuesday, December 2013

Microsoft today released its regular monthly batch of security updates for Windows and other software, summarized in the Security Bulletin Summary.  This month, there are 11 bulletins, addressing 24 identified vulnerabilities.  Five of the bulletins have a Critical severity rating; the other six are rated Important.  Six of the bulletins apply to Windows and its components and four apply to Microsoft Office.   There are also patches for Exchange, SharePoint, Office Web Apps, and Lync server software, as well as for some Microsoft developer tools. (The complete list of affected software is given in the Security Bulletin Summary, along with download links for the patches.)

All supported versions of Windows have at least two Critical bulletins.  The table below shows a breakdown of the Windows bulletins by severity and Windows version.

Windows Version Critical Important Moderate
Windows XP+SP3 3 2
Windows Vista 4 1
Windows Server 2003 2 3
Windows Server 2008 3 2
Windows 7 3 1
Windows Server 2008 R2 2 2
Windows 8 3 1
Windows RT 3 1
Windows Server 2012 2 2
Windows Server 2012 R2 2 2
Windows 8.1 3 1
Windows RT 8.1 3 1
Windows Server Core 3 1

One bulletin applicable to Office is rated Critical; the others are rated Important.

Microsoft says that four of the bulletins for Windows will definitely require a restart; the other bulletins may require one, depending on your system’s configuration.

The SANS Institute has published its usual post summarizing the updates, with their assessment of the severity of each bulletin.

Comments are closed.

%d bloggers like this: