Microsoft recently overhauled its Security Update Guide, the web-based resource meant to be the definitive guide to Microsoft software updates. I don’t know what they had in mind, but from the standpoint of usability, there’s little improvement.
I still recommend using the SUG’s handy Download
link to save the data in spreadsheet form, which you can then open in an Excel-compatible program, and use filtering and sorting functions to extract the information you need.
The official release notes for this month’s crop of updates is somewhat useful, although it contains neither a complete list of updates nor a complete list of vulnerabilities. It does at least provide a list of the software affected by the updates: Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft Edge for Android, ChakraCore, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Exchange Server, Azure DevOps, Microsoft Dynamics, Visual Studio, Azure SDK, and Azure Sphere.
The Vulnerabilities
tab of the SUG lists fifty-nine vulnerabilities that are addressed by the December updates. That matches the total I obtained in my analysis of the data. As for the number of actual updates, that’s increasingly difficult to determine. There are references to forty-seven help articles and twenty-one sets of release notes in the SUG data.
As usual, Windows 10 computers will get the relevant updates installed when Microsoft feels like it. Windows 8.1 computers are best updated via the Windows Update applet in the Control Panel. Users of Windows 7 and earlier versions are still pretty much out of luck, though it’s worth checking Windows Update anyway.