Today Microsoft published its December list of security bulletins. There are two, one of which is ranked Critical by Microsoft; the other is labeled Important. The most critical flaw announced today affects versions of Microsoft Internet Explorer found on most Windows machines, versions Windows 98 through XP. The Important flaw affects the Windows kernel. Patches are available via Microsoft Update
. For context on what these security bulletins mean, see News.com
for more details.
Entitled "Cumulative Security Update for Internet Explorer," this bulletin affects all versions of Windows XP SP1 and all versions of Internet Explorer 5.01 through 6.x. It supercedes MS05-052, released in October 2005. The flaw can lead to file tampering on unprotected machines.
Entitled "Vulnerability in Windows Kernel Could Allow Elevation of Privilege," this bulletin affects all versions of Windows. Under certain circumstances, this flaw could allow a remote attacker to take control of your PC.