Microsoft kicks off 2013 with 12 Patch Tuesday security fixes

Microsoft kicks off 2013 with 12 Patch Tuesday security fixes

Summary: Microsoft's first security fixes of 2013 will address 12 vulnerabilities and be available for download next Tuesday.

TOPICS: Security, Microsoft

Microsoft is set to roll out two critical and five important security updates next week to eliminate potential threats that exist in everything from Windows to Office. 

A total of 12 security flaws will be fixed as part of its monthly security update cycle, the company said on Friday in a blog post on the Microsoft Security Response Centre page. 

"With 2013 starting on a Tuesday, our monthly bulletin release is upon us a bit earlier than usual," said Dustin Childs, group manager of Microsoft Trustworthy Computing, in the blog post.

"Next Tuesday we'll release seven bulletins; two critical and five important, which address 12 vulnerabilities. The critical-rated bulletins address issues in Microsoft Windows, Office, Developer Tools and Microsoft Server Software. The important-rated bulletins address issues in Microsoft Windows, .NET Framework and Microsoft Server Software."

However, there is no mention of a fix for the Internet Explorer exploit discovered by FireEye, for which Microsoft issued a security alert on 29 December. 

The patches will be released on 8 January at 6pm GMT along with advisory notices for IT managers on the recommended deployment strategy. 

Last month Microsoft introduced seven updates, which included critical fixes for Internet Explorer 10 and Windows 8.

Topics: Security, Microsoft

Sam Shead

About Sam Shead

Sam is generally at his happiest with a new piece of technology in his hands or nailing down an exclusive story. In the past he's written for The Engineer and the Daily Mail. These days, Sam is particularly interested in emerging technology, datacentres, cloud, storage and web start-ups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • There is a work around for the IE issue

    Apply Microsoft Fix it 50971 listed in that security alert link.


    “However, there is no mention of a fix for the Internet Explorer exploit discovered by FireEye, for which Microsoft issued a security alert on 29 December.”
    • It's also questionable whether Microsoft will issue an out-of-band update

      Remember, this vulnerability with at least two known exploits in-the-wild is primarily a problem for those running Internet Explorer 8 (or earlier) on Windows XP as Internet Explorer 9 is not supported on the older OS. Yet another opportunity for Microsoft to get customers to upgrade their Windows XP systems to Windows 8.

      Windows Vista and 7 users, if they have not already done so, can simply upgrade Internet Explorer 8 to version 9 and protect themselves from these exploits.

      And, seriously, Windows XP users should switch their primary browser to Google Chrome, Comodo Dragon, Mozilla Firefox or Opera. Google Chrome, btw, is the only web browser that is sandboxed on Windows XP.

      P.S. As for applying Microsoft's fixit, one can alternatively download, install and configure Microsoft's EMET for Internet Explorer on Windows XP, Vista and 7 as EMET mitigates the exploits. This will provide additional protection from future IE exploits that are sure to come.
      Rabid Howler Monkey
  • Get it out the door.

    This causes the bean counters to be blindsided by Customers who don't agree with MS's save money now policy. It's the change that corporations go through when they start making things for their convenience and forget that the money comes from a Customer who doesn't want to be pooped on with indifference. Apple will begin to go this way too.