Microsoft readies four critical fixes for Patch Tuesday

Share this article:
Microsoft has 14 patches prepared for next week, including high-priority fixes.
Microsoft has 14 patches prepared for next week, including high-priority fixes.

Microsoft plans to deliver 14 patches as part of its monthly Patch Tuesday security update, including fixes that address troubling remote code execution flaws in its products.

Four of the patches, or Microsoft “bulletins,” will plug critical remote code execution vulnerabilities in the Microsoft Office, Windows and Server software, an advanced notification from the software giant said on Thursday.

Wolfgang Kandek, CTO at vulnerability and compliance management firm Qualys, said in prepared comments that one critical patch, Bulletin #2, should be top of mind because of how easy it is for miscreants to target victims.

“Bulletin #2 should be high priority for your desktop security team; it addresses a flaw in Microsoft Office that can be triggered simply by previewing an email in Outlook, even without explicitly opening the email,” Kandek warned. Users running Outlook 2007 and 2010 can update their software with the patch.

Other fixes deemed “critical,” Microsoft's highest rating, update the company's Sharepoint Server product, Internet Explorer versions 6 to 10, and operating systems Windows XP and Windows Server 2003.

Bulletins ranked “important” also included fixes for remote code execution flaws and vulnerabilities that could allow an attacker to carry out a denial-of-service, or give saboteurs elevated privileges. Another security issue, which could allow users' private data to be disclosed to attackers, will also be plugged with the Patch Tuesday update.

Share this article:

Sign up to our newsletters

More in News

BlackBerry acquires voice and data encryption firm Secusmart

On Tuesday it was announced that the phonemaker would purchase the voice and data encryption firm.

OTI report exposes economic costs of NSA spying

OTI report exposes economic costs of NSA spying

A report from New America OTI found that the NSA surveillance program has had a chilling effect on U.S. commerce and foreign policy.

Breach index: Encryption used in 23 percent of Q2 incidents

Breach index: Encryption used in 23 percent of ...

Out of the 237 disclosed data breaches last quarter, encryption was used in only 10 instances.