Admins face a busy Patch Tuesday, after Microsoft warned it was issuing 14 security bulletins as part of its monthly patching cycle.
This month's Patch Tuesday, out this week, features four critical bulletins and 11 rated as important, Microsoft revealed in its advanced notification.
The critical patches address vulnerabilities in Office, Windows, Internet Explorer and Server, while the remaining bulletins affect Office, Windows and the .Net Framework.
"No less than eight of them are categorised as remote code execution but only four of them are rated as critical," said Ziv Mador, director of security research at Trustwave, of the bulletins.
"These fourteen bulletins don’t look like slouches either with critical bulletins in Sharepoint, Outlook, Internet Explorer and Windows itself. Although the Windows one looks like it only impacts XP and Server 2003, which you have hopefully already migrated off of," added Mador. "A handful of the rest of the bulletins impact Microsoft Office, including one for Excel on OS X in Office 2011."
One of the critical patches affects Windows XP and Windows Server 2003, which security experts suggested Microsoft was trying to lock them down before it stops releasing updates in 2014.
“You should be phasing those out by now, since they lose support for security patches in April of next year, similar to Office 2003 which will also lose support in April,” said Wolfgang Kandek, CTO of security firm Qualys. "Those operating systems and the Office suite will then start to accumulate unfixed vulnerabilities and become a magnet for attackers who will have access to easy-to-use and surefire tools to exploit setups that run on XP/2003 or that have Office 2003.”
Several of the patches will require a restart.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
