It’s the holiday season and Microsoft has some presents for you! Patches to fix holes and flaws in its software—just what you wished for. You’ve all been good this year so the much anticipated patch to plug up the Duqu exploit is in your stocking. So get to decking those halls and patching those holes!
This month saw 13 security bulletins posted, more than usual according to Microsoft. Of the 13 only three are rated critical though. While the Duqu patch has been on everyone’s Christmas list this year, one item on your lists that won’t be making an appearance is a patch for the BEAST attack.
BEAST (Browser Exploit Against SSL/TLS) is an attack on the SSL/TLS encryption that a good chunk of all websites use for security. It appeared in September and like Duqu Microsoft released a temporary fix with intentions of a eventually having a full fix available. Today Duqu gets the full meal deal but you’ll all have to wait for BEAST to get the same treatment. Blame a third-party application. They always delay things.
Don’t be too disappointed – you still get the Duqu fix and 12 others. Enjoy the last patches of 2011!
For more info on the patches releases today check out Microsoft’s announcement here: Security Bulletin: Microsoft November Patch Tuesday.