Microsoft has issued its final scheduled security update of 2008.
The December Patch Tuesday release includes updates for 27 separate vulnerabilities spread out over eight bulletins.

Release closes out 2008 security schedule
vnunet.com, 10 Dec 2008
Microsoft has issued its final scheduled security update of 2008.
The December Patch Tuesday release includes updates for 27 separate vulnerabilities spread out over eight bulletins.
Six of the bulletins have been rated as critical, the highest of Microsoft's four security alert levels. If exploited, each could allow an attacker to remotely execute code by way of a specially-crafted file or web page.
One of the bulletins addresses remote code flaws in Internet Explorer, while another addresses an ActiveX component flaw in Visual Basic. Other bulletins address issues in the handling of Windows WMF files and a remote code execution flaw in Windows Search.
Office also received several critical bulletins. Microsoft issued fixes for remote code execution vulnerabilities in Office's handling of Excel spreadsheets, Word documents and Rich Text Files.
The two remaining bulletins were classified as "important", the third of the company's four alert levels. Those two addressed remote code execution flaws in the handling of Windows Media Format components as well as a vulnerability in SharePoint that could be used to obtain elevated privileges.
Barring the release of an out-of-cycle security patch, the December update will be the final set of bulletins issued by Microsoft this year.
Users can obtain the updates from Windows automatic updates component or manually download the update from the company's web site.

Sophos identified a new infected web page every four and a half seconds during 2008
Dr Qi Lu becomes latest defection
Sophos argues that updating rather than removing the post would have been best course of action

Have you got a burning desire to quiz experts from...

Figleaves founder argues platform-as-a-service vendor will emerge to shake up...
Do you agree?
Have your say on this article