Tuesday, December 11, 2007, is the last 'Patch Tuesday' of the year, and Microsoft's getting ready to hand out significant security fixes for Windows 2000, XP, Vista, Windows Media Format runtime, Internet Explorer, and DirectX. Here's what to expect.
A Trio of Critical Patches
First up is a remote code execution patch for DirectX versions 7.0 (Windows 2000) through 10.0 (Windows Vista). Multimedia users will also need to get patching with a remote code execution patch for Windows Media Format runtime for all Windows versions from Windows 2000 and Windows XP to Windows Vista). Third on the list of "must squash now" bugs is yet another remote code execution patch for Internet Explorer versions for Windows 2000, XP, and Vista all the way back to the pre-Cambrian version IE 5.01 SP4 and all the way forward to IE7 for Windows XP and Vista.
As a security expert interviewed by InfoWorld points out, these fixes are designed to prevent attacks that take advantage of users' desires to view online multimedia content, which would be just about everyone that reads this page (and uses Windows).
A Quartet of Important Patches
Patch Tuesday will also roll out a quartet of so-called 'important' patches for Windows:
Remote code execution fix for Windows Vista
Remote code execution fix for Windows 2000 SP4 and Windows XP
Elevation of privilege fix for Windows Vista
Local elevation of privilege fixes for Windows XP SP2 and Windows Server 2003.
Critical, Important, What's the Difference?
A 'critical' patch blocks Internet worms that don't require you to click, open, or view an attachment or website to start. An 'important' patch blocks attacks that compromise local systems.
Details to Follow
Once 'Patch Tuesday' arrives, we'll have more details on these and other non-security updates for your Redmond-powered PC. In the meantime, think before you click.
Know a Windows Vista newbie? Help a new Vista user get up to speed with Mark's book Maximum PC Microsoft Windows Vista Exposed. It's a great introduction to what's new and different in Windows Vista, and it's available from Amazon.com and other fine bookstores.