The December edition of Patch Tuesday brings two important updates to Windows 8.1. Microsoft recently pushed security update KB3205400 and Monthly Rollup KB3205401 to the OS, fixing a series of major security vulnerabilities.
Windows 8.1 Monthly Rollup KB3205401 includes the improvements and fixes brought by KB3197875, released on November 15. The update also incorporates the security fixes brought by the latest Windows 8.1 update, KB3205400.
As a quick reminder, to benefit from the latest security improvements, you can either install the security update KB3205400 only, or install the Monthly Rollup KB3205401. There’s only one difference between the two updates: as stated above, KB3205401 also includes the improvements brought by the previous Windows 8.1 updates.
KB3205400 patches the following Windows 8.1 vulnerabilities:
- MS16-153 common log file system driver vulnerabilities
These vulnerabilities could allow information disclosure when the Windows Common Log File System driver improperly handles objects in memory.
- MS16-151 Windows kernel-mode driver vulnerability
More exactly, this vulnerability could allow elevation of privilege, meaning that attackers could then easily take control of the affected system.
- MS16-149 Microsoft Windows vulnerability
Just like the second vulnerability on the list, this OS weakness could allow elevation of privilege.
- MS16-147 Microsoft Uniscribe vulnerability
This flaw could allow remote code execution.
- MS16-146 Microsoft graphics component vulnerabilities
- Again, most severe of these flaws could allow remote code execution.
- MS16-144 Internet Explorer vulnerabilities
The most severe of these flaws could allow remote code execution when IE users visit a specially crafted website.
How to install KB3205400 and KB3205401
You can install Monthly Rollup KB3205401 through Windows Update. Turn on the update system, and the OS will automatically download and install the latest updates. You can also download KB3205401 from the Microsoft Update Catalog website.
As far as security update KB3205400 is concerned, you can only download it as a stand-alone package from the Microsoft Update Catalog.
RELATED STORIES YOU NEED TO CHECK OUT: