A new exploit, targeted at users of older versions of Internet Explorer, recently surfaced. IE 9 and 10 are not vulnerable to this exploit.
Microsoft is working on a patch, but until it’s available, anyone using Internet Explorer 6, 7 or 8 should exercise extreme caution when browsing the web, or – better yet – switch to a different browser such as Firefox, Opera or Chrome.
Unfortunately for anyone still using Windows XP, including a large number of corporate users, recent versions of IE (9 and 10) don’t run on that version of Windows. XP users are strongly encouraged to stop using Internet Explorer.
A new version of Opera was made available today. Version 12.12 fixes a few security issues and other minor bugs.
This month there are seven bulletins, addressing twelve issues in Windows, Internet Explorer (including IE 10) and Office. The Microsoft Security Response Center has a useful summary. For the gory details, see the official security bulletin for the December updates over at Technet.
Here are the bulletins:
Adobe has released new versions of Flash for all platforms. Windows users are encouraged to update Flash to the new version: 11.5.502.135.
Internet Explorer 10 and Google Chrome users will get the equivalent patch in the form of updates from Microsoft and Google, respectively.
The new versions fix a serious security issue in Flash.
The latest version of Google’s web browser has a few minor fixes, including one for a bug that caused the browser to crash in certain situations. Several security issues are also addressed in this version.
Microsoft has issued their monthly heads up for December’s patches.
The associated Security Bulletin outlines seven upcoming bulletins that address eleven security vulnerabilities, affecting Windows, Word and Internet Explorer (including IE 10).
The patches will become available at about 10am PST on December 11, 2012.
The latest version of Google’s Chrome web browser includes two security fixes and a few minor non-security fixes.
The latest version of Firefox includes several bug fixes, as well as some performance tweaks. The most notable changes are listed on the version 17.0.1 release notes page, while the 17.0.1 bug fixes page lists every change.
Version 23.0.1271.91 of Chrome includes several security and other bug fixes.
The latest version of Firefox includes some security improvements designed to help prevent malware infection via out of date versions of Adobe Reader, Adobe Flash and Microsoft Silverlight. Specifically, when Firefox tries to display content using those older plugins, it will prompt the user for confirmation.
Version 17 also includes the usual assortment of security, performance and other bug fixes.