December patches and a 2007 retrospective

Today is ‘Patch Tuesday’ and this month Microsoft has announced that there will be seven security bulletins, three of which it rates ‘Critical’ and four of which it rates ‘Important’.

The Critical bulletins affect DirectX, Windows Media Format Runtime and Internet Explorer.

You can find more information here.

Make sure you patch your system. The easiest way to make sure you stay up-to-date is to enable Automatic Updates. You can find guidelines on applying Automatic Updates here.

The use of unpatched vulnerabilies continues to be a significant part of the threat landscape, so it’s no surprise that Micrsoft has been kept busy this year. Here’s a summary of this year’s patches.

Critical Important Moderate
January 3 1
February 6 6
April 5 1
May 7
June 4 1 1
July 3 2 1
August 6 3
September 1 3
October 4 2
November 1 1
December 3 4

Patched security vulnerabilities in 2007

The situation in 2007 hasn’t changed noticeably from 2006. Last year there were 49 critical, 23 important, and 5 moderate updates. 2007 brought very slightly fewer patches, with 43 critical, 24 important, and 2 moderate fixes. If you want to take a look at last year’s chart, it’s here.

December patches and a 2007 retrospective

Your email address will not be published. Required fields are marked *



Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Subscribe to our weekly e-mails

The hottest research right in your inbox