The fixes cover a range of products, from Microsoft Windows, Office, Internet Explorer (IE), Microsoft Exchange Server and the .NET Framework. As is well known the biggest headache is Internet Explorer, which is such a hotchpotch, requires patches from 2 different bulletins to fix 14 different vulnerabilities.
Incidentally Adobe also has released fixes for Adobe released updates for Flash Player, Adobe Reader, Adobe AIR and Shockwave player.
Experts snicker that the hurry to fix the Internet Explorer is the upcoming Pwn2own browser hacking event. Pwn2own 2013 takes place March 6-8 at the CanSecWest 2013 conference in Vancouver, Canada.
The 2013 Pwn2own will reward the first researcher to hack IE 10 running on Windows 8 with $100,000 in cash. (They will also reward the first successful hacker of Google Chrome $100,000, Firefox $60,000, and Safari $65,000).
For the first time, Pwn2own will also target browser plugins with $70,000 for successful exploitation of Adobe Flash on IE 9 running on Windows 7 and $20,000 for Oracle Java.
BTW Belarc Advisor hasn’t yet caught up with the security bulletin summary, so better download your updates from the bulletin page. That is assuming that you don’t keep automatic updates *on*, like me.