We come to the last set of updates for 2012, and it’s the usual round of suspects — new Internet Explorer and Windows kernel fixes.
But many Windows users will also see an awkward assortment of reissued patches and a slew of Win8 fixes.
Finishing the year with another browser patch
It would not be Patch Tuesday without another fix for Internet Explorer. Even if you use another browser for your day-to-day Web activities, you should install most (if not all) IE updates. KB 2761465 is rated critical only for Vista SP2 and Windows 7 systems using IE 9, and Windows 8 systems using IE 10.
What to do: Install KB 2761465 (MS12-077) without delay.
MS12-078 (2753842, 2779030)
Another round of kernel and font fixes
Once again, we’re stomping out bugs in fonts and the Windows kernel — specifically, the TrueType or OpenType font drivers ATMFD and win32k.sys. The updates impact all supported Windows versions except Windows RT, and they’re rated critical.
What to do: It’s anticipated that attackers will use this vulnerability as part of blended attacks. Install KB 2753842 and/or KB 2779030 (MS12-078) as soon as possible.
UPDATE, 2012-12-14: KB 2753842 changed to Wait for now. There are reports the update causes fonts to disappear in CorelDRAW. Other graphics apps might be affected, too.
UPDATE, 2012-12-20: Today, Microsoft released an update of KB 2753842 to solve an OpenType conflict associated with the original patch. You should either install or reinstall KB 2753842.
MS12-079 (2760410, 2760416, 2760421, 2760497)
RTF files, opened in Word, lead to remote attacks