Report finds improvement but is is enough?
This year's contest offers a grand prize of $150,000 that requires researchers to deal with Microsoft's EMET anti-exploit toolkit.
Three of the four updates for Windows on Patch Tuesday will affect Windows XP, which is scheduled for retirement in April.
Security analysts advise applying critical Oracle and Adobe patches before those from Microsoft.
Subscribers to organizations that sell exploits for flaws not yet known to software developers learn early about vulnerabilities in popular programs, a study says.
Microsoft issued five critical security bulletins in December's round of Patch Tuesday.
Microsoft wraps up the year's Patch Tuesday bulletins next week with 11 more fixes, pushing this year's total to 106, up from 83 in 2012.
Attackers are exploiting security holes found in older versions of Office and Windows, plus current versions of Lync. A fix is available, however.