Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for December 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which update should be applied.
Additional information regarding the vulnerability identified in Microsoft Security Bulletin MS11-091 can be found in US-CERT Vulnerability Note VU#361441.