Microsoft readies four critical fixes for Patch Tuesday

Share this article:
Microsoft has 14 patches prepared for next week, including high-priority fixes.
Microsoft has 14 patches prepared for next week, including high-priority fixes.

Microsoft plans to deliver 14 patches as part of its monthly Patch Tuesday security update, including fixes that address troubling remote code execution flaws in its products.

Four of the patches, or Microsoft “bulletins,” will plug critical remote code execution vulnerabilities in the Microsoft Office, Windows and Server software, an advanced notification from the software giant said on Thursday.

Wolfgang Kandek, CTO at vulnerability and compliance management firm Qualys, said in prepared comments that one critical patch, Bulletin #2, should be top of mind because of how easy it is for miscreants to target victims.

“Bulletin #2 should be high priority for your desktop security team; it addresses a flaw in Microsoft Office that can be triggered simply by previewing an email in Outlook, even without explicitly opening the email,” Kandek warned. Users running Outlook 2007 and 2010 can update their software with the patch.

Other fixes deemed “critical,” Microsoft's highest rating, update the company's Sharepoint Server product, Internet Explorer versions 6 to 10, and operating systems Windows XP and Windows Server 2003.

Bulletins ranked “important” also included fixes for remote code execution flaws and vulnerabilities that could allow an attacker to carry out a denial-of-service, or give saboteurs elevated privileges. Another security issue, which could allow users' private data to be disclosed to attackers, will also be plugged with the Patch Tuesday update.

Share this article:

Sign up to our newsletters

More in News

Russian hacker Seleznev ordered to remain in custody

Roman Seleznev's attorneys requested that the hacker be released on bond, but their pleas were rejected this past week.

Bug in iOS Instagram app fixed, impacts Facebook accounts

The vulnerability comes into play when Instagram users search for Facebook friends to "follow."

AP denied security docs on HealthCare.gov, a risk to private information

AP denied security docs on HealthCare.gov, a risk ...

The Associated Press was denied a request made under the Freedom of Information Act for documents that contain security information on HealthCare.gov.