Menu
Microsoft releases 14 patches for Windows security problems

Microsoft releases 14 patches for Windows security problems

It's the largest number of patches issued in a single day so far in 2013 and 2014

Microsoft has released patches for 14 vulnerabilities in its Windows operating system, Office and Internet Explorer software, including four it deemed critical, it's highest severity rating.

All four of the critical bugs could allow attackers to remotely execute programs on a targeted system, something that in the past has allowed hackers to steal personal information such as passwords or take over machines for the purpose of sending spam.

The patches were released as part of the company's monthly "patch Tuesday" security update for its major software products. The company had originally planned to deliver 16 updates Tuesday, but two are marked as yet to appear. They include one that was expected to carry a critical rating.

At 14, the number of patches is a monthly record for 2013 and 2014.

They include a problem with Windows Object Linking and Embedding that could allow remote code execution if the user visits a website containing malicious code. If the user is logged in as the administrator, the attacker could gain the ability to install programs and change and delete data. A related patch for Internet Explorer fixes the vulnerability with malicious websites and 16 other problems with the software, said Microsoft.

A security update for the Microsoft Secure Channel software in Windows fixes a problem that leaves Windows Server vulnerable to attack from specially crafted packets. The fourth critical patch fixes a hole in Windows that allows attackers to invoke Microsoft XML Core Services from a malicious website and then remotely execute code on a target system.

A further seven patches are marked as important -- the second highest rank.

One vulnerability in Microsoft Office allows for remote execution of code, four additional problems allow attackers to assign themselves higher privileges and two allow bypass of certain security features in Windows.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is martyn_williams@idg.com


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags officeMicrosoftsecurityWindowssoftwareInternet Explorer

Featured

Slideshows

Channel celebrates as HP marks 50 years in NZ

Channel celebrates as HP marks 50 years in NZ

HP marked 50 years in New Zealand at an event in the vendor's Auckland's headquarters last night, with a host of key channel figures coming along to celebrate. Photos by HP.

Channel celebrates as HP marks 50 years in NZ
EDGE 2017 - Icebreaker Sessions round 2

EDGE 2017 - Icebreaker Sessions round 2

EDGE guests experience the value of networking at the second round of Icebreaker sessions.. Photos by Maria Stefina

EDGE 2017 - Icebreaker Sessions round 2
EDGE 2017 Dinner Under the Stars

EDGE 2017 Dinner Under the Stars

EDGE's Day 2 keynote and breakout sessions were followed by the Dinner Under the Stars. Over 300 people were present to enjoy a seafood feast and lots of excitement at Hamilton Island's Bougainvillea Marquee. Photos by Maria Stefina.

EDGE 2017 Dinner Under the Stars
Show Comments