Microsoft’s Final Security Update of the Year Fixes IE, Word and Office Web Apps

2 minute read

Microsoft has launched the last security patch for this year, fixing a number of critical vulnerabilities in Internet Explorer, Word and Office Web Apps.
microsoft-releases-final-security-update-for-2014
Since the tech giant doesn’t release these security improvements for nothing, it is recommended that users get the new updates as soon as possible in order to avoid any possible attacks from malicious software.

Microsoft has patched fourteen vulnerabilities in Internet Explorer. The most important involved remote code execution that allowed the attacker to gain user rights. This was done through a specially developed webpage that incorporated the malicious software.

“The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.”, the official bulletin summary informs.

Secondly,a malicious software that had the same modus operandi like the Internet Explorer thread, was also lurking in the dark for Word and Office Web Apps users. The malicious code was incorporated into a Word / Office document.

“The vulnerabilities could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Microsoft Office software. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

The remote code execution bug also targeted the VBScript scripting engine and users got infested in the same old fashioned manner. They visited a specially crafted website and the system got infected.

Thirdly, Adobe Flash Player has been incorporated into Internet Explorer together with a new version that fixes major vulnerabilities. In order to install the new flash player, the browser has to be rebooted. This also means that Windows Update now delivers the patches for the flash player.

These are the most important security updates for December. For more information about the vulnerabilities patched this month, go to Microsoft’s page.

READ ALSO: KB3002339 Update Causes Problems for Windows 7 and 8.1 Users

For various PC problems, we recommend to use this tool.

This tool will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Quickly fix PC issues and prevent others from happening with this software:

  1. Download this PC Repair Tool with Patended Technologies
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues (requires upgrade).