14 DAY TRIAL // Provided that Microsoft won’t offer an out-of-band patch for a zero-day vulnerability impacting supported versions of Internet Explorer in the next three days or so, the company’s security bulletin count for 2010 will stop at 106. If you want to check out each security updated provided by the Redmond company this past year, make sure to head over to the Microsoft Security Bulletin Search site and select the ‘within the last year’ option in the search tool provided by the software giant.
A list featuring all 106 security bulletins will be provided, and you can get insight into any of the patch packages that made it out to users in 2010.
“Looking back over 2010, that brings the total bulletin count to 106, which is more bulletins than we have released in previous years,” revealed Mike Reavey, Director, MSRC in the first half of December, as the company was getting ready to release its final batch of security bulletins for the year.
“This is partly due to vulnerability reports in Microsoft products increasing slightly, as indicated by our latest Security Intelligence Report.”
No less than 40 vulnerabilities in Windows, Office, Internet Explorer, SharePoint and Exchange were patched this December a total of 17 security bulletins, quite the record for Microsoft, even though just a couple were considered Critical.
While the software giant’s latest products are superior in terms of user protection compared to their predecessors, older versions are also supported and used daily, and with a continuously evolving threat landscape, the number of vulnerabilities discovered increases.
Security is essentially a chess game, with software companies needing to stay at least one step ahead of attackers.
However, this becomes harder and harder to do for older products that are no match for the latest vulnerability research techniques.
“Older products meeting newer attack methods, coupled with overall growth in the vulnerability marketplace, result in more vulnerability reports.
“Meanwhile, the percentage of vulnerabilities reported to us cooperatively continues to remain high at around 80 percent; in other words, for most vulnerabilities we're able to release a comprehensive security update before the issue is broadly known,” Reavey added.