Critical Patch Tuesday November 2014

November 8th, 2014 by Stephen Jones Leave a reply »

Next week’s round of Patch Tuesday updates from Microsoft will be the biggest so far this year with 16 bulletins in total, five of which are rated Critical and nine as Important.

Most of the Critical bulletins are for Windows components and affect a range of supported systems.

If you are currently running a supported version of Windows, then update as soon as these updates become available. These are some nasty vulnerabilities in Windows

We expect that one of these bulletins will address the OLE remote code execution for which a security advisory was published last month. Exploits have continued.

There will be an update to .NET Framework too – those patches tend to take longer than the average OS patch to install.

Patches for the Windows 10 and Windows Server Technical Previews will be available

The additional 16 bulletins means that we will probably finish the year under 100 vulnerabilities, which is a bit lower than in 2013

Bulletin 2, which covers all versions of Internet Explorer from IE6 on Windows 2003 to IE11 on Windows 8.1, should be a high priority for admins since there’s a whole underground industry developing browser exploit kits.

The Important bulletins address Windows, the .NET runtime framework and Word along with the SharePoint and Exchange servers. If you have automatic updates turned on all of the required updates will be downloaded as they become available. A reboot will be needed to complete the installation.

Adobe has put out Flash updates on all but one of this year’s patch Tuesdays, so add that to your list .


Leave a Reply