Severity Rating: Critical
Revision Note: V1.1 (December 19, 2014): Revised bulletin to change the Known Issues entry in the Knowledge Base Article section from "None" to "Yes". Corrected mitigations and workarounds for the Internet Explorer Resource Information Disclosure Vulnerability (CVE-2013-7331).
Summary: This security update resolves one publicly disclosed and thirty-six privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

More...