Patch Tuesday Brings Four Security Updates, Leaves Duqu Unpatched

Pulkit Chandna

Yesterday was no ordinary Tuesday. It was Microsoft’s eleventh Patch Tuesday of 2011. In keeping with Microsoft’s practice of releasing a lower volume of patches during odd-numbered months as compared to even ones, this month’s Patch Tuesday only contains four security bulletins, which is half of what the company shipped in October.

Microsoft’s latest batch of patches contains two “important”, one “moderate” and one “critical” update. However, it does not contain any patch for the Kernel vulnerability being exploited by the Duqu computer virus. A few days back, the software giant said that it plans “to release the security update [targeting Duqu] through our security bulletin process, although it will not be ready for this month's bulletin release.”

Duqu aside, the most important security update this month happens to be MS11-083. It carries Microsoft’s highest severity rating - critical. The vulnerability it addresses can be used to “allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system.”

Around the web