The Register® — Biting the hand that feeds IT

MS lines up six critical fixes for Tuesday

Patches stick to the usual suspects

Free whitepaper – Securing your online data transfer with SSL

Microsoft is preparing eight patches - six of which cover critical vulnerabilities - for next Tuesday as part the last edition this year of its monthly Patch Tuesday update cycle.

The critical updates cover separate vulnerabilities involving Word and Excel as well a duo of vulnerabilities involving various flavours of Windows and a cumulative patch for Internet Explorer. A critical update for Visual Basic completes the sextet.

One of the two critical Windows updates is applicable only to Vista and Windows 2008. There's speculation that the other - a fix for Win 200 and XP - involves a bug known about since April and actively exploited since late October.

The less serious "important" updates covers bugs in windows Media Player, involving remote code execution (so why isn't it called critical?), and a separate flaw in Microsoft's SharePoint server software.

As usual, details have been withheld pending the release of the updates on 9 December. Microsoft pre-alert advisory can be found here.

Free whitepaper – Vulnerability management buyer's checklist

Don’t Miss

GoogleGoogle cloud told to encrypt itself

Updated R in RSA wants s in https

thumbs down teaser 75Buggy 'smart meters' open door to power-grid botnet

Grid-burrowing worm only the beginning

Flag ChinaChinese firm hits back at cyberspy claims

Exclusive Huawei welcomes UK.gov backdoor probe

BlockMaster SafeStickBlockMaster SafeStick hardware-encrypted USB drive

Review Tough enough?