MS lines up six critical fixes for Tuesday
Patches stick to the usual suspects
Microsoft is preparing eight patches - six of which cover critical vulnerabilities - for next Tuesday as part the last edition this year of its monthly Patch Tuesday update cycle.
The critical updates cover separate vulnerabilities involving Word and Excel as well a duo of vulnerabilities involving various flavours of Windows and a cumulative patch for Internet Explorer. A critical update for Visual Basic completes the sextet.
One of the two critical Windows updates is applicable only to Vista and Windows 2008. There's speculation that the other - a fix for Win 200 and XP - involves a bug known about since April and actively exploited since late October.
The less serious "important" updates covers bugs in windows Media Player, involving remote code execution (so why isn't it called critical?), and a separate flaw in Microsoft's SharePoint server software.
As usual, details have been withheld pending the release of the updates on 9 December. Microsoft pre-alert advisory can be found here.
Sponsored: Okta Security: Technical White Paper