Every month, Microsoft releases a good number of security patches in its Patch Tuesday schedule. The month of October hasn’t been so great, with many botched updates being reported. But let’s hope that this doesn’t get repeated this month.
As usually, Microsoft has issued a bulletin advance notification for the updates it will release during the Patch Tuesday of November 2014. Microsoft will be addressing all major Windows versions, its Microsoft Office suit of products and Internet Explorer, as well. No less than 16 security bulletins will be addressed this November 11, with five of them being flagged as “critical”, nine s “important” and the remaining two are considered “moderate” risks.
As a matter of fact, this is the highest bulletin from Microsoft this year, according to Chris Goettel, product manager for IT management firm Shavlik. Maybe one of the reasons why this Patch Tuesday is the biggest one this year is because there are some bulletins aimed at the Technical Preview of Windows 10, as well. The patches that Windows 10 will get cover remote code execution and elevation of privilege vulnerabilities in both the server and desktop versions.
The critical updates address the following:
- remote code execution flaws in Windows 10 and Windows 10 Server technical previews and all current versions of Windows, Windows RT and Windows Server
- remote code execution vulnerability in Internet Explorer versions 6 to 11 on all currently supported versions of Windows and Windows Server, including Windows 10, with the exception of Core Server Installation
The important updates address elevation of privilege in the following products
- currently supported versions of Windows Server 2003
- all current versions of Windows desktop and Windows Server, except Server 2003 and Core Installation
- all versions of Windows and Windows server, except Server 2008 for 32-bit and x64-based systems
The software updates apply to Microsoft Word 2007 Service Pack 3, Microsoft Word Viewer, and Microsoft Office Compatibility Pack Service Pack 3, as well as SharePoint Server 2010 Service Pack 2, all versions of Exchange Server from 2007 Service Pack 3 to 2013 Cumulative Update 6. Stay tuned as we’ll have more to share once it goes live.