The security folks over at Redmond have posted details of the final Patch Tuesday update cycle for the year. The December 2013 Patch Tuesday brings with it a number of fixes rated Critical and Important.
The Advanced Notification Security Bulletin for this month reveals that the software titan is planning to release no less than 11 security updates to fix flaws across its product range — Windows, Office and Internet Explorer are all in on the action.
Five of these eleven bulletins address critical vulnerabilities, but as is usually the case, only limited information is provided in order to ensure safety of the users. Full details of what is fixed (and what is not) will be provided on Patch Tuesday.
This month’s event falls on December 10, so only a few days remain before these fixes fly off the servers and are deployed on computers and devices of users of Microsoft products.
Speaking of which, the products that are set to be patched next week include Windows, Office, Lync, Internet Explorer, Exchange, Visual Studio Team Foundation Serve 2013 and ASP.NET SignalR — in other words, a pretty wholesome affair.
As the link above shows, several of these flaws allow remote execution of code, while a few provide attackers that exploit them with elevation of privilege.