{"id":2175,"date":"2012-12-12T00:00:00","date_gmt":"2012-12-12T00:00:00","guid":{"rendered":"http:\/\/otava.test\/december-microsoft-security-update\/"},"modified":"2012-12-12T00:00:00","modified_gmt":"2012-12-12T00:00:00","slug":"december-microsoft-security-update","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/","title":{"rendered":"December Microsoft Security Update"},"content":{"rendered":"<p>December\u2019s Microsoft security updates were published Tuesday, the 11th. There were seven patches, predominantly regarding remote code execution in Office, Windows, and IE.<\/p>\n<p>In Internet Explorer there were critical vulnerabilities, the worst of which, caused by a user going to a malicious site, would allow a remote code execution, and has the potential to give the attacker the same permissions as the user. Another patch, this one for all supported releases of Microsoft Windows, addressed the way that that Window\u2019s kernel-mode drivers were handling objects in memory, in regards to vulnerabilities that could allow remote code execution by someone opening a specifically made document or going to a webpage that embeds TrueType or OpenType font files. Both require a restart.<\/p>\n<p>There was also a critical vulnerability within Microsoft Word that could allow an attacker to gain the same rights as a user if the user opened a specially crafted RTF file or previewed\/opened a specially crafted RTF email message in Outlook if Microsoft Word is the email viewer, triggering a remote code execution action. This is an interesting and particularly worrisome issue, because it doesn\u2019t require any sort of interaction from the user. They wouldn\u2019t have to actually click on anything for this exploit to take place within Outlook, which would make it even easier for an attacker to get the rights of the user. This particular update is considered critical for all editions of Word 2010 and 2007. It\u2019s rated important for all supported editions of Word 2003, Word Viewer, Office Compatibility Pack, and Microsoft Office Web Apps.<\/p>\n<p>It\u2019s recommended that users check the <a href=\"https:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms12-dec\">update<\/a> in order to find more information on the full list of patches available this month, as well as specifics regarding what software is affected by these vulnerabilities.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>December\u2019s Microsoft security updates were published Tuesday, the 11th. There were seven patches, predominantly regarding remote code execution in Office, Windows, and IE. In Internet Explorer there were critical vulnerabilities, the worst of which, caused by a user going to a malicious site, would allow a remote code execution, and has the potential to give the attacker the same permissions as the user. Another patch, this one for all supported releases of Microsoft Windows, addressed the way that that Window\u2019s kernel-mode drivers were handling objects in memory, in regards to vulnerabilities that could allow remote code execution by someone opening a specifically made document or going to a webpage that embeds TrueType or OpenType font files. Both require a restart. There was also a critical vulnerability within Microsoft Word that could allow an attacker to gain the same rights as a user if the user opened a specially crafted RTF file or previewed\/opened a specially crafted RTF email message in Outlook if Microsoft Word is the email viewer, triggering a remote code execution action. This is an interesting and particularly worrisome issue, because it doesn\u2019t require any sort of interaction from the user. They wouldn\u2019t have to actually click on&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[59],"tags":[],"other_category":[],"class_list":["post-2175","post","type-post","status-publish","format-standard","hentry","category-information-technology-tips"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>December Microsoft Security Update | OTAVA<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"December Microsoft Security Update\" \/>\n<meta property=\"og:description\" content=\"December\u2019s Microsoft security updates were published Tuesday, the 11th. There were seven patches, predominantly regarding remote code execution in Office, Windows, and IE. In Internet Explorer there were critical vulnerabilities, the worst of which, caused by a user going to a malicious site, would allow a remote code execution, and has the potential to give the attacker the same permissions as the user. Another patch, this one for all supported releases of Microsoft Windows, addressed the way that that Window\u2019s kernel-mode drivers were handling objects in memory, in regards to vulnerabilities that could allow remote code execution by someone opening a specifically made document or going to a webpage that embeds TrueType or OpenType font files. Both require a restart. There was also a critical vulnerability within Microsoft Word that could allow an attacker to gain the same rights as a user if the user opened a specially crafted RTF file or previewed\/opened a specially crafted RTF email message in Outlook if Microsoft Word is the email viewer, triggering a remote code execution action. This is an interesting and particularly worrisome issue, because it doesn\u2019t require any sort of interaction from the user. They wouldn\u2019t have to actually click on...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2012-12-12T00:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"December Microsoft Security Update\",\"datePublished\":\"2012-12-12T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\"},\"wordCount\":301,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"articleSection\":[\"Information Technology Tips\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\",\"url\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\",\"name\":\"December Microsoft Security Update | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2012-12-12T00:00:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"December Microsoft Security Update\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"December Microsoft Security Update | OTAVA","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/","og_locale":"en_US","og_type":"article","og_title":"December Microsoft Security Update","og_description":"December\u2019s Microsoft security updates were published Tuesday, the 11th. There were seven patches, predominantly regarding remote code execution in Office, Windows, and IE. In Internet Explorer there were critical vulnerabilities, the worst of which, caused by a user going to a malicious site, would allow a remote code execution, and has the potential to give the attacker the same permissions as the user. Another patch, this one for all supported releases of Microsoft Windows, addressed the way that that Window\u2019s kernel-mode drivers were handling objects in memory, in regards to vulnerabilities that could allow remote code execution by someone opening a specifically made document or going to a webpage that embeds TrueType or OpenType font files. Both require a restart. There was also a critical vulnerability within Microsoft Word that could allow an attacker to gain the same rights as a user if the user opened a specially crafted RTF file or previewed\/opened a specially crafted RTF email message in Outlook if Microsoft Word is the email viewer, triggering a remote code execution action. This is an interesting and particularly worrisome issue, because it doesn\u2019t require any sort of interaction from the user. They wouldn\u2019t have to actually click on...","og_url":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/","og_site_name":"OTAVA","article_published_time":"2012-12-12T00:00:00+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"December Microsoft Security Update","datePublished":"2012-12-12T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/"},"wordCount":301,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"articleSection":["Information Technology Tips"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/","url":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/","name":"December Microsoft Security Update | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2012-12-12T00:00:00+00:00","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/december-microsoft-security-update\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"December Microsoft Security Update"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=2175"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/2175\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=2175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=2175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=2175"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=2175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}