Little Holiday Joy This Patch Tuesday

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next Little Holiday Joy This Patch Tuesday-9 Next

Security Advisories

Additionally, Microsoft released 4 security advisories this Patch Tuesday.

  • Security Advisory 2905247 – Insecure ASP.Net Site Configuration Could Allow Remote Code Execution
  • Security Advisory 2871690 – Update to Revoke Non-Compliant UEFI Boot Loaders
  • Security Advisory 2915720 – Changes in Windows Authenticode Signature Verification
  • Revision to 2755801 documenting another update for Adobe Flash Player

Microsoft released 11 bulletins for the final Patch Tuesday of the year. In 2013, we saw a total of 106 bulletins, which is an increase of 22 percent over 2012’s total count.

December’s patches include five critical, six important, and they cover 24 CVEs. As promised, Microsoft addressed the Graphics Components vulnerability in bulletin MS13-096. This one is rated critical and should be your first priority, despite the hot-fix that’s been in place since November. It affects Windows, Office and Lync through Office 2007 installed on XP. In this vulnerability, an attacker needs to convince a user to preview or open a bad TIFF image for exploitation. Because we know persuading users to click isn’t always that hard to do, a patch for this one is definitely welcome.

Missing this month is a bulletin for the vulnerability currently under limited targeted attacks in the Windows kernel component in XP and Server 2003. Your best option is the security advisory Microsoft recently released, 2914486. This is perhaps another reminder that end-of-life is now just four months out for Windows XP and users still running it should move to a current generation operating system sooner rather than later.

The slideshow features a review of December's patches, provided by Paul Henry, forensic and security analyst at Lumension.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.