What to look out for in 2014's last Patch Tuesday
After last month's blizzard of patches tomorrow's last round of Windows updates for the year looks set to be rather quieter.
Only seven bulletins have been announced, of which three are rated Critical and four Important. Of the Critical patches one is for Internet Explorer, one for Office and one for Windows itself -- likely to be for a remote code execution vulnerability.
There's an Important MS Exchange patch to resolve an elevation of privilege problem. Chris Goettl Product Manager of IT management specialist Shavlik says, "As you may recall, this patch was held out of last month's Patch Tuesday updates along with another out-of-band patch that was released later in November. With all of the changes at Microsoft recently, this practice of holding a patch could become a pattern. It is likely that with less important patches, these will be released on a subsequent Patch Tuesday".
The Internet Explorer patch looks set to be a cumulative security update, something that will probably become a regular fixture in future Patch Tuesdays as hackers increasingly target browsers. There are three Office updates in total all of which address remote code vulnerabilities.
Karl Sigler, Threat Intelligence Manager at Trustwave says, "This security update will be light compared to the previous patch Tuesday. None of the CVEs included in this release are exploited in the wild at the moment. Also, it's not likely there will be a vulnerability as nasty as the Schannel Remote Code Execution vulnerability (MS14-066) from last month".
Third-party patches are expected from Adobe too according to Wolfgang Kandek, CTO of cloud security specialist Qualys. "Adobe has notified of a new version of Adobe Reader and Acrobat in APSB14-28. Both versions 10 and 11 on Windows and Mac OS X are affected by this critical vulnerability. In addition we also expect a new version of Flash as Adobe has had monthly release for Flash in every month in 2014 so far".
All versions of Windows, Office and IE are thought to be affected by at least one of the vulnerabilities. Users with automatic updates enabled should receive these updates automatically though a reboot will be required to apply them.