Patch Tuesday comes early this month, since January started on a Tuesday. There are seven bulletins, addressing twelve issues in Windows, admin software and developer tools.
2013’s first Patch Tuesday arrives at 10am on January 8. This month will see seven bulletins, addressing a total of twelve vulnerabilities in Windows, Office, Microsoft developer tools and server software. Two of the bulletins are rated Critical. You can find all the details in the advance notification bulletin.
Microsoft chose not to use the regular Flash plugin in Internet Explorer 10, deciding instead to integrate the player into the IE10 code. As a result, any time the Flash player is updated, Microsoft must make corresponding changes to IE10. Hence the delay in producing the patch for IE10. Google now does the same thing with their Chrome browser, but they tend to make the required changes much more quickly.
This month’s Ouch! newsletter (PDF) from SANS lists the steps necessary for users to secure their computers. If you’re doing everything on this list, pat yourself on the back. If not, it’s time to take action.
The latest version of Google’s web browser has a few minor fixes, including one for a bug that caused the browser to crash in certain situations. Several security issues are also addressed in this version.