Microsoft today has released seven security related bulletins that fix issues in the Windows operating system and in Microsoft's Developer Tools. One bulletin has received the maximum severity rating of critical, the highest available rating, while the remaining six bulletins have all received a rating of important, the third highest rating.
It is interesting to note that the severity rating of the first bulletin is critical on Windows XP and Vista, while only important on Windows 7 and Windows Server 2008 R2. When you look at all bulletins you will notice that Windows XP is affected by all, Vista by five and Windows 7 by four of the vulnerabilities addressed in the bulletins.
The Security Bulletins have just been posted on Microsoft's Technet website. Here is this month's summary with links to each security bulletin.
The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. The attacker could then take complete control of the affected system and install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability can only be exploited on systems configured with a Chinese, Japanese, or Korean system locale.
The updates are already available on Windows Update. The easiest way to open the updating tool is to click on the start menu orb and select Windows Update from the program listing there.
Windows users who do not want to or can't use Windows Updates can download the updates from Microsoft's Download Center beginning later today. Microsoft as usual will release an ISO image with all security updates of the month for easier distribution.
Update: The severity and exploitability index and bulletin deployment information have been posted.
The next security updates will be released on February 14, 2012.
If you like our content, and would like to help, please consider making a contribution: