With the release of the security bulletins for December 2010, this bulletin summary replaces the bulletin advance notification originally issued December 9, 2010. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification.

For December 2010, our regular monthly security update consists of 17 bulletins affecting Microsoft Office, Windows, Internet Explorer, SharePoint and Exchange.

We recommend this month that our customers give deployment priority to the two Critical-level bulletins in the update:

 MS10-090 (Cumulative Security Update for Internet Explorer)

 MS10-091 (Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Remote Code Execution)

As part of MS10-090, Microsoft is releasing an update to address the Internet Explorer vulnerability described in Security Advisory 2458511.

For information about how to receive automatic notifications whenever Microsoft security bulletins are issued, visit Microsoft Technical Security Notifications.

Microsoft is hosting a webcast to address customer questions on these bulletins on December 15, 2010, at 11:00 AM Pacific Time (US & Canada). Register now for the December Security Bulletin Webcast. After this date, this webcast is available on-demand. For more information, see Microsoft Security Bulletin Summaries and Webcasts.