Microsoft’s Final Security Update of the Year Fixes IE, Word and Office Web Apps

Madeleine Dean By: Madeleine Dean
2 minute read

Home » Microsoft’s Final Security Update of the Year Fixes IE, Word and Office Web Apps

Microsoft has launched the last security patch for this year, fixing a number of critical vulnerabilities in Internet Explorer, Word and Office Web Apps.
microsoft-releases-final-security-update-for-2014
Since the tech giant doesn’t release these security improvements for nothing, it is recommended that users get the new updates as soon as possible in order to avoid any possible attacks from malicious software.

Microsoft has patched fourteen vulnerabilities in Internet Explorer. The most important involved remote code execution that allowed the attacker to gain user rights. This was done through a specially developed webpage that incorporated the malicious software.

“The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user.”, the official bulletin summary informs.

Secondly,a malicious software that had the same modus operandi like the Internet Explorer thread, was also lurking in the dark for Word and Office Web Apps users. The malicious code was incorporated into a Word / Office document.

“The vulnerabilities could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Microsoft Office software. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

The remote code execution bug also targeted the VBScript scripting engine and users got infested in the same old fashioned manner. They visited a specially crafted website and the system got infected.

Thirdly, Adobe Flash Player has been incorporated into Internet Explorer together with a new version that fixes major vulnerabilities. In order to install the new flash player, the browser has to be rebooted. This also means that Windows Update now delivers the patches for the flash player.

These are the most important security updates for December. For more information about the vulnerabilities patched this month, go to Microsoft’s page.

READ ALSO: KB3002339 Update Causes Problems for Windows 7 and 8.1 Users

Discussions

Next up

4 trendy Gears of War Christmas sweaters to gift this season

Madhuparna Sukul avatar. By: Madhuparna Sukul
Less than a 1 minute read

Wearing fashionable sweaters is no big deal during winters, but wearing an ugly sweater is. Yes, the trend of ugly Christmas sweaters is back. The […]

Continue Reading

What software to use for photo collage in 2019?

Matthew Adams By: Matthew Adams
Less than a 1 minute read

As you all know, photo slideshow software gives you one way to show off your fave snapshots. However, photo collages that display a collection of […]

Continue Reading

How can I mirror my iPhone or iPad screen to Windows 10?

Matthew Adams By: Matthew Adams
3 minute read

AirPlay media streaming enables you to stream content from an iPhone or iPad to Mac OS X desktop or laptop. This media streaming, otherwise mirroring, projects […]

Continue Reading