No Love for IT this February Patch Tuesday

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next No Love for IT this February Patch Tuesday-3 Next

MS14-005

Next on the list should be MS14-005, a vulnerability in MS XML Core Services that could allow information disclosure. The bulletin is rated as Important, but the vulnerability covered has been publicly disclosed and has known active attacks. This is a browser-initiated attack vector and the bulletin is applicable to all currently supported Windows platforms. The likely goal for an attacker would be to grab an OS version and use that information for a more targeted exploit against a different vulnerability.

Microsoft was looking to deliver a light Patch Tuesday this month, but added two last-minute bulletins to the mix. February now includes seven bulletins, four critical and three important, that cover a total of 32 CVEs. The patches address vulnerabilities in Windows, Internet Explorer, Security Software and the .NET framework. Russ Ernst, director of product management at Lumension, takes a closer look at this February's Patch Tuesday.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Shadow IT Security How Risky Behaviors Hurt Shadow IT Security

Examine some of the concerns involving shadow IT security and some of the riskiest behaviors, applications and devices. ...  More >>

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.