To ring in the New Year, Microsoft has announced their January 2013 advanced notification for Patch Tuesday.  The January 2013 edition of Patch Tuesday will be bringing seven security bulletins addressing 12 vulnerabilities.

Security Bulletin Breakdown:

  • 2 bulletins are rated as Critical
  • 5 bulletins are rated as Important
  • 2 bulletins addressing vulnerabilities that could lead to Remote Code Execution
  • 3 bulletins addressing vulnerabilities that could lead to Elevation of Privilege
  • 1 bulletin addressing a vulnerability that could lead to Security Feature Bypass
  • 1 bulletin addressing a vulnerability that could lead to Denial of Service

Affected Products:

  • All supported Microsoft operating systems
  • Microsoft Office 2003, 2007
  • Microsoft Word Viewer
  • Microsoft Office Compatibility Pack
  • Microsoft Expression Web, Web 2
  • Microsoft SharePoint Server 2007
  • Microsoft System Center Operations Manager 2007, 2007 R2

If Adobe sticks to their previous release schedule, this Patch Tuesday will also include security updates for Adobe Acrobat and Reader during their quarterly update.  Adobe stated earlier this year that they were moving to a more standard cadence on Patch Tuesdays when necessary.  We could very well be seeing Adobe updates as the last time Adobe Acrobat and Adobe Reader were patched was during the October 2012 Patch Tuesday.

Mozilla is also on track to release an update for their Firefox browser during the week of Patch Tuesday with version 18.  Typically, Mozilla releases on the same day as Microsoft’s Patch Tuesday when their release cycle is during that week.

I will be going over the January Patch Tuesday patches in detail along with reviewing other non-Microsoft releases since the December Patch Tuesday in our monthly Patch Tuesday webcast.   This webcast is scheduled for next Wednesday, January 9th at 11:00 a.m. CT.  You can register for this webcast here.

- Jason Miller