Thursday, December 08, 2011

Security Bulletin Advance Notification for December, 2011

On Tuesday, December 13, 2011, Microsoft is planning to release fourteen (14) Security Bulletins, of which three bulletins are identified as Critical with the remaining as Important.

The bulletins address vulnerabilities in Microsoft Windows, Microsoft Office (including Microsoft Office for Mac) and Internet Explorer.  Most updates will require a restart to complete the installation.


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


ky331 said...

Something to keep in mind...

I don't know whether or not today's updates will address the DUQU vulnerability for which Microsoft issued a FixIt over a month ago (see )

IF today's update does, then it would be prudent to UNDO that fixit BEFORE applying today's updates.

My strategy is to run the UNDO first, then install the updates, and ultimately find out whether they addressed the DUQU issue. If so, we'd be done... and if not, we could always re-apply the [teporary] FixIt afterwards.

ky331 said...

MS11-087: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417) "addresses the vulnerability by modifying the way that a Windows kernel-mode driver handles TrueType font files" that was "first described in Microsoft Security Advisory 2639658" --- Microsoft Fix it 50792.

"After applying this security update, you should undo the workaround, "Deny access to T2EMBED.DLL", from systems where you have previously applied, it in order to restore functionality disabled by the workaround".

[I infer from this that is was permissible, though not required, to undo the workaround before applying today's security update.]

Corrine said...

I don't see where its a problem to run Microsoft Fix it 50793, which, by the way, is no longer included in the Security Advisory. The download link still works. It is available from Microsoft December 2011 Security Bulletin Release.

As you know, there were problems with updates relating to True Type Font being re-offered after the running the Fix it. As a result, many people removed it.