Security administrators are in for a busy holiday season after Microsoft confirmed that the December Patch Tuesday release will include 14 bulletins covering 20 vulnerabilities in a range of products.
Microsoft said in the Security Bulletin Advance Notification for December 2011 that three of the 14 bulletins are rated 'critical', the highest severity rating, and could allow remote code execution on infected XP, Vista and Windows 7 systems.
Bulletins 1 and 2 also affect Windows Server 2003, while Windows Server 2008 is affected only by the first critical bulletin.
The remaining 11 bulletins are rated 'important' and cover remote code execution and elevation of privilege flaws.
"Five of the 'important' bulletins affect Office 2003, 2007 and 2010 including all Office versions for Macintosh as well," explained Wolfgang Kandek, chief technology officer at vulnerability management firm Qualys.
"One of the remaining bulletins addresses Internet Explorer 6 through 9, and the remaining bulletins apply to all versions of Windows."
Although not specifically referred to in the security bulletin, it is also believed that Microsoft will patch the flaw in TrueType font parsing which was exploited by the Duqu Trojan.
System administrators are likely to be kept doubly busy as Adobe is set to release an update for Reader and Acrobat 9.x for Windows this week to address a critical vulnerability which could cause a system crash and allow attackers to take control of an affected system.
The flaw is actively being exploited in the wild via malicious PDF email attachments, according to security researchers.
Antarctica lost on average 252 gigatons of ice mass per year from 2009 to 2017, claims study
Buyers can demand refunds if they've had a game for no more than 14 days and not registered more than two hours of play
Total lunar eclipse 2019: 'Super Blood Wolf Moon' to be visible across Europe and North America on Sunday night
Moon will turn reddish-orange in colour during this weekend's total lunar eclipse
Hackers to compete for prize money of between $35,000 and $250,000 cracking the Tesla Model 3 at this year's Pwn2Own contest