Patch Tuesday this month brought 8 bulletins from Microsoft and Adobe patches as well. Microsoft has labeled two of the eight bulletins as critical, but none of the bulletins address any issues with Windows XP. This seems to mean that while Microsoft continued to patch Windows XP with the last update, they will no longer be considering XP going forward. Windows XP users are now vulnerable as Microsoft will no longer be focusing resources to patch this out of date operating system. This will probably lead to many attacks as hackers now know that XP machines are vulnerable.
The two critical patches concern the possibility of remote code execution. This would be in IE versions 6-11. There is also a patch for a flaw in the Windows shell interface that could allow a user to gain administrator privileges with the right set of code.
Users of SharePoint should review the windows update MS14-022 which is a fix for a vulnerability that that might allow an attacker to update a file with malicious code.
It is important to keep your computer up to date. If your computer is not set to run windows update automatically, you should check it so that you can update it manually when needed.
Also released this month are Adobe patches for Reader, Flash and Illustrator. Keep in mind that Adobe also no longer releases updates or patches for versions of its software that are running on the Windows XP machines.
If you are running Windows XP on any of your machines, it is critical that you replace those machines. Now that Microsoft has stopped support for Windows XP, you are leaving your network open to attack.
No comments:
Post a Comment