Little Holiday Joy This Patch Tuesday

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Previous Little Holiday Joy This Patch Tuesday-1 Next

Click through for a summary of the patches released this December Patch Tuesday, provided by Paul Henry, forensic and security analyst at Lumension.

Microsoft released 11 bulletins for the final Patch Tuesday of the year. In 2013, we saw a total of 106 bulletins, which is an increase of 22 percent over 2012’s total count.

December’s patches include five critical, six important, and they cover 24 CVEs. As promised, Microsoft addressed the Graphics Components vulnerability in bulletin MS13-096. This one is rated critical and should be your first priority, despite the hot-fix that’s been in place since November. It affects Windows, Office and Lync through Office 2007 installed on XP. In this vulnerability, an attacker needs to convince a user to preview or open a bad TIFF image for exploitation. Because we know persuading users to click isn’t always that hard to do, a patch for this one is definitely welcome.

Missing this month is a bulletin for the vulnerability currently under limited targeted attacks in the Windows kernel component in XP and Server 2003. Your best option is the security advisory Microsoft recently released, 2914486. This is perhaps another reminder that end-of-life is now just four months out for Windows XP and users still running it should move to a current generation operating system sooner rather than later.

The slideshow features a review of December's patches, provided by Paul Henry, forensic and security analyst at Lumension.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.