Patch Tuesday has brought us a total of 4 critical updates

Jul 15, 2015 05:30 GMT  ·  By

Microsoft has recently rolled out this month’s Patch Tuesday updates, addressing flaws in some of its most-used products, including Windows, Office, and Internet Explorer.

A total of 14 security updates have been rolled out this month, four of them being rated as critical and targeting flaws in Microsoft Windows and Internet Explorer, so it’s recommended to prioritize the deployment of these patches.

As far as Internet Explorer is concerned, the browser that will soon be replaced with Microsoft Edge in Windows 10, it has received one big update that tries to fix a total of 28 security vulnerabilities with MS15-065, including 19 remote code execution flaws that would allow an attacker to get the same privileges as the logged-in user with the help of a compromised website.

Microsoft Office has also gotten MS15-070, which addresses 8 RCE flaws, and security experts warn that at least one of these vulnerabilities is already under exploitation. This means that attackers are already trying to take advantage of the flaw, so you are strongly recommended to install this one as soon as possible if you’re using the productivity suite on a regular basis.

As usual, all these patches are being delivered via Windows Update, so make sure you install them as soon as possible. Until now, we haven’t received any report of potential botched updates, but we’ll keep an eye on everything that goes wrong to let you know about it.

No more Windows Server 2003 support

This Patch Tuesday is the last for Windows Server 2003, which will no longer receive any other updates and security fixes in the future. Microsoft recommends customers to upgrade their servers, and security experts tell us pretty much the same thing.

“July is the last month of patches for Windows Server 2003. Nine of the 14 bulletins affected Windows Server 2003. That is a clear indication that attackers will continue to find issues in Windows 2003 at roughly that rate. There are only two things to do to avoid that threat, migrate away from Server 2003 or pay Microsoft for the necessary patches through a special support contract,” Wolgang Kandek, CTO of Qualys, said in a statement.

Third-party data shows that millions of servers are still running this unsupported version of Windows Server, so paying for custom support might be the best choice in the short term.