December’s Patch Tuesday brought some good news and some not-so-good news: the vulnerability exploited by the Duqu Trojan was patched, but another another security issue involving encrypted communications in Internet Explorer is still waiting on a fix. This month saw thirteen security bulletins released on the 13th; we hope that doesn’t portend bad luck with the updates.
The missing update would have addressed the BEAST (Browser Exploit Against SSL/TLS) software that was released in September to decrypt parts of an encrypted data stream. The update was reportedly delayed because of an incompatibility with SAP.
Read more here: