Microsoft to open year with seven patches

Share this article:

Microsoft is set to kick off the New Year with seven patches, two rated "critical," to amend 12 vulnerabilities present in Windows, Office, Developer Tools, .NET Framework and server software.

It does not appear that a zero-day vulnerability in Internet Explorer, which has been used to spread malware on a limited number of targeted websites, will be fixed. Of those that will, the most pressing bulletins to address are the two critical ones, according to researchers.

One involves an issue with Server Core, an installation option for PCs running Windows Sever 2008.

"This is where I would prioritize patching efforts because this is potentially a wormable bug, and since Server Core is affected, it could apply to a very common service," Ross Barrett, senior manager of security engineering at Rapid7, a vulnerability management company, said in prepared comments.

The patches are set to be released approximately 1 p.m. EST on Tuesday.

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.