14 DAY TRIAL // Microsoft announced earlier today that it would release a total of five security bulletins part of this month’s Patch Tuesday cycle to patch vulnerabilities in Windows, Internet Explorer, and Office.
Wolfgang Kandek, CTO of security company Qualys, has said in a blog post that this is the smallest Patch Tuesday of 2013, but it’s still supposed to patch “some of the most widely used and important Windows components.”
All Internet Explorer versions will be patched next week, regardless of the Windows build you’re running.
“Bulletin 1 is rated as critical and affects all versions of Internet Explorer on all Windows platforms. If left unpatched, this vulnerability can cause RCE (remote code execution) which implies that an attacker can take control of the victim computer if the victim browses to a malformed website using Internet Explore r(IE). Since the browser is a window to the internet, IE users should apply this RCE patch as soon as it is released,” Kandek explained.
Another important update is labeled as bulletin 2 and is supposed to patch flaws in server and desktop versions of 32-bit operating systems.
“Windows 7, 8, Vista, XP as well as Server 2003 and 2008 are affected. Systems that are not affected include Windows Server 2008 R2, 2012 and Windows RT,” he stressed.
Server operating systems will also receive plenty of improvements next week, especially because the company is trying to patch a DOS vulnerability found in its software.
“Bulletin 3 is only a denial-of-service vulnerability, but since it affects server operating systems, including Windows 2008, R2 and 2012, we need to watch if it can be exploited remotely by sending malicious packets of data on listening services,” the security expert continued.
Also, keep in mind that this month’s Patch Tuesday is also projected to bring improvements for Surface tablets, as the company has already announced that both the RT and the Pro would benefit from Touch and Type Cover options.