Originally Posted by Suzanne Dickson
Microsoft’s November Patch Tuesday was fairly light with only 3 security bulletins covering 11 vulnerabilities, only one bulletin, MS10-087, was rated critical. The bulletin related to MS Office 2007 and Office 2010 vulnerability which could be exploited by a classic drive by type attack when a customer views a malicious RTF.
As Josh Abraham, Rapid7 security research analyst noted, the fact that November is fairly light could be a blessing. "Based on the huge amount of patches from last month, some customers might be up to speed while others are still struggling to catch up – this would depend on the unique customer and the strength of their vulnerability management program,” Abraham said. “Another thing that is interesting is that Microsoft has been breaking their own records with the number of bulletins they are releasing in a given month. To help everyone overall, a better approach would be to keep a semi-constant rate of patches every month so that system administrators are not over burdened during specific months.
For details regarding Microsoft’s November Patch Summary: http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx