Company flag total 7 updates for Windows users, where one is rated as critical that could lead to remote code execution, where as other two are rated as important which fix flaws that could result in the operating system’s security features being bypassed. In addition to IE, Microsoft is fixing a critical flaw in Microsoft Word that could enable attackers to execute remote code. The vulnerability could be exploited by way of a malformed Rich Text Format (RTF) document. A pair of critical font parsing vulnerabilities are being patched this month, one for OpenType and the other for TrueType fonts.
Source: https://thehackernews.com/2012/12/microsoft-security-bulletins-for.html