It’s the final month of the year and the final Patch Tuesday of the year. The December 2013 Patch Tuesday features eleven security fixes – five of which are rated Critical and six of which are rated Important. These fixes are rolling out today.
Windows 8.1 will receive three Critical updates dealing with Remote Code Execution, along with one Important update. The operating system itself is affected by the vulnerability, along with Internet Explorer 11. Windows RT, on the other hand, also receives three Critical updates and one Important update.
These security updates range from Remote Code Execution to Elevation of Privilege and affect various Microsoft products such as Windows (from XP to 8.1) and Office (from 2003 to 2013).
Microsoft is still working on an issue, described in Security Advisory 2914486, which deals with a vulnerability in a kernel component of Windows XP and Windows Server 2003. No fix for this issue was released today.
“We’re still working to develop a security update and we’ll release it when ready. Until then, we recommend folks review the advisory and apply the suggested workaround on their Windows XP and Windows Server 2003 systems. Customers with more recent versions of Windows are not affected by this issue,” Microsoft explained.
These security updates roll out today, December 10, 2013, at approximately 10:00AM PST.Further reading: Microsoft, Patch Tuesday