EOL IT Services has now merged with tier1 Asset Management Ltd

Huge List of Microsoft Patches for Windows and Office users in November

by | Nov 19, 2014 | News

Software giant, Microsoft have recently released a large number of bug fixes on Patch Tuesday for their Microsoft Windows and Microsoft Office users, in time for the big security update.

The company marked six of the updates as ‘critical’ with concern to computer security. Nine of them were considered ‘important’ and the remaining two were considered ‘moderate’.

Chris Goettel, product manager for IT management firm Shavlik told El Reg “This is the highest bulletin count we have seen from Microsoft this year.” It’s even bigger than the May and August Patch Tuesday bulletin counts that included nine items.

As they were in previous years, the patches were all made available via the Windows Update tool, and all users who had their automatic update settings turned off were encouraged to enable them immediately. Computer users were also encouraged to check for fixes to the Adobe Flash plugin on Patch Tuesday because in previous years, Adobe released their bug fixes in order to coincide with the Windows ones.

It was advised that, if any of these Adobe fixes were available, they should also be applied.

The majority, (four out of five) of the bugs that these patches are helping to protect against, allowing remote execution for computer attackers. The other bug gives attackers the ability to gain administrative privileges on vulnerable computers.

Many of the other flaws could widen the variety of privileges available to attackers in other areas, and others could mean that attackers would be able to bypass OS security features.

Most of the bulletins included in this month’s Patch Tuesday have a very specific purpose.

The sixth bulletin is specified only for Microsoft Office 2007. Bulletin ten, however, is made to patch vulnerabilities in components of SharePoint Foundation 2010 SP2, and bulletin 12 will help to protect the 2007, 2010 and 2013 versions of Exchange Server.

Nine of the bulletins that were considered ‘critical’ fixed bugs in Windows itself. As with many fixes, there are potential flaws, but the flaws in the bulletins were entirely dependent on which version of Windows it is that you have been using.

It was also important for users to realise that all versions of Windows are at some risk with concern to these flaws. In fact, even the Windows 10 Technical Preview required patching this time.

The other ‘critical’ bulletin was designed for all versions of Internet Explorer, including versions as dated as IE6 which runs on Windows Server 2003 SP2. It’s apparent that fixes for Internet Explorer often feature in the bulletins for Patch Tuesdays, and this fix, as with previous Internet Explorer fixes, addresses multiple vulnerabilities in the programme.

Of course, these Patch Tuesdays are regular and will continue each month in order to ensure the highest computer security possible. The most important thing that you for your companies IT security, is to make sure that these updates are regularly applied.

[Photo Credit: James Marvin Phelps ]


Recent Stories

What Do Refurbished Technology Grades Mean?

What Do Refurbished Technology Grades Mean?

As enterprises strive to balance their sustainability targets and a limited financial budget with the technology requirements of the business, an increasing number of CIOs are taking a circular approach to IT procurement. Our ‘take, make, dispose’ culture has had a...

7 Questions to Ask Your ITAD Supplier.

7 Questions to Ask Your ITAD Supplier.

The growth of the cloud, the emergence of hybrid working and remote collaboration along with the soaring quantities of data-rich Internet of Things devices means that IT asset disposition no longer solely concerns the disposal of end of life IT assets. Today’s ITAD...

Are Unintentional Cyber-attackers Risking your Data Security?

Are Unintentional Cyber-attackers Risking your Data Security?

As we learnt during the last couple of years, for the cyber-criminals, a crisis merely presents an opportunity. In 2020, malware attacks rose by 358% and in the first quarter of 2022, Russia experienced nearly 3.6 million data breaches, an 11% increase*. Cyber-attacks...