‫ Patch Tuesday Lite: 4 non-critical updates from Microsoft

ID: IRCNE2014012070
Date: 2013-01-15

According to "zdnet", microsoft disclosed four security bulletins today describing a total of six vulnerabilities, and released product updates to address these vulnerabilities.

This is the first month since September 2011 that Microsoft has released no critical updates in a Patch Tuesday cycle, and the first since September 2012 that they have released four or fewer updates.

The four bulletins, all of which are rated Important:

  • MS14-001: Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605) 

  • MS14-002: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368) —  A user with valid logon credentials who is able to log on locally could run a special program and elevate privilege. This vulnerability affects only Windows XP and Windows Server 2003.

Note: This vulnerability was reported back in November as being exploited in the wild.

  • MS14-003: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2913602) — Windows 7 and Windows Server 2008 R2 are vulnerable to a privilege elevation vulnerability. The user must be have valid logon credentials and be able to log on locally.

  • MS14-004: Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service (2880826) — 

Microsoft also released today a large number of non-security updates including a new version of the Windows Malicious Software Removal Tool.

Related Links:

Microsoft: Just 4 January patches, none critical 



بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 25 دی 1392



امتیاز شما
تعداد امتیازها:0