Microsoft has detailed in its advanced notification that the next Patch Tuesday will include a total of 14 security fixes out of which four are rated as critical and 11 as important. Out of the 14 patches three would require a restart of the system once applied.
This month’s Patch Tuesday will patch vulnerabilities in different version of Windows operating system, Internet Explorer, Microsoft Office, Windows Server and .NET framework. Out of the 14 vulnerabilities patched this time around, eight are remotely exploitable and four of these are critical; couple of vulnerabilities lead to denial of service whereas three cause elevation of privileges.
Microsoft has addressed a couple of critical vulnerabilities in Windows XP in this month’s patch cycle while three other vulnerabilities in Windows XP are rated as Important. Vulnerabilities in Windows 7 are also being addressed including one, which is rated as critical. Newly released Windows 8 is also being patched and one of the vulnerabilities is rated as critical – affects Internet Explorer 10.
It is recommended that system admins in charge of infrastructures which include Windows XP and Windows 2003 production systems should definitely patch the affected systems next Tuesday and should ensure that none of the systems are still vulnerable to known security issues. As of July’s stats Windows XP still had a user base of over 35 percent. With 2014 approaching fast it would be too late once Microsoft officially stops supporting Windows XP. Same is the case for Office 2003 as well – official support ending on April 8, 2014.
There have been reports earlier indicating that hackers are stockpiling on Windows XP zero-days and they will be utilizing those to craft viruses, Trojans and other malware.