Patch Tuesday will fix vulnerabilities that could result in remote code execution
Microsoft has announced details of its latest Patch Tuesday security update, which includes fixes for a number of remote code execution vulnerabilities that the company rates as critical.
The update, which will be released on Valentine’s Day, will feature nine bulletins covering 21 vulnerabilities.
Four of the bulletins are critical and relate to remote code execution. Microsoft says these will cover Windows, Internet Explorer, .NET Framework and Silverlight. The remaining bugs are rated Important and cover remote code execution and elevation of privilege.
However it is the critical flaws that IT admins should focus on, said Wolfgang Kandek, CTO of Qualys.
"Four bulletins are classified as "critical" and the remaining as "important". There is the expected critical update to Internet Explorer which should be highest priority. After all, we saw last month how quickly attackers are incorporating browser based attacks into
That doesn’t mean the rest should be forgotten, Kandek said. "In the "important" category, there are three Remote Code Execution vulnerabilities, one of them in Office. Most likely we are looking at file based attacks and at least the Office vulnerability should be included in your first tier of patching."
Microsoft said the updates will be pushed out February 14th, which will mean an unromantic start to Valentine’s Day for many IT admins.