Nine security bulletins detailed by Microsoft for Patch Tuesday

by Mark Tyson on 13 October 2014, 10:20

Tags: Windows 7, Windows 8, Office 2010, Office 2007

Quick Link: HEXUS.net/qacj7z

Add to My Vault: x

Microsoft has issued an advance notification of what will be patched in October's 'Patch Tuesday'. Tomorrow there are nine security bulletins to be addressed by software updates. Three of the bulletins detail 'Critical Remote Code Execution' flaws in Windows, another five updates are tagged as 'Important' yet also include fixes for Remote Code Execution, Elevation of Privilege and a Security Feature Bypass.

Of the nine bulletins seven fix issues within Windows. Also it looks like some serious patching will be coming the way of Internet Explorer versions 6 to 11. Talking to NetworkWorld, Ross Barrett, senior manager of security engineering at Rapid7, said that the IE flaws are probably the most at risk of exploitation and would be among Microsoft's "top patching priorities".

Office users will receive Important Remote Code Execution patches and a Moderate Elevation of Privilege patch. Office version 2007 and 2010 on Windows (and Web Apps) get patched but Office 2013 is unaffected. Japanese users have a particular update for the Office 2007 IME (input method editor), it's rated moderate in severity.

Other updates include important fixes for the .NET framework and developer tools.

The updates will arrive at around 10am Pacific Daylight Time, 6pm British summer time tomorrow. A day later Microsoft will host a webcast "to address customer questions on the security bulletins". Interested computer users can check out the webcast here from 15th Oct 11am PDT, 7pm BST.



HEXUS Forums :: 1 Comment

Login with Forum Account

Don't have an account? Register today!
The question is what problems will these patches create ?! I don't think MS have had a single month in the last 12 that there patches don't break something.