Patch Tuesday December edition brings an important security update for Windows 7. Update KB3205394 offers six major security fixes, patching severe vulnerabilities that could allow remote code execution.
Windows 7 KB3205394 doesn’t include any new operating system features, focusing only on security updates. More specifically, the update patches a series of vulnerabilities affecting the common log file system driver, Windows 7 OS, kernel-mode drivers, and more.
Security update KB3205394 patches
- MS16-153 common log file system driver vulnerabilities
These vulnerabilities could allow information disclosure when the Windows Common Log File System driver improperly handles objects in memory.
- MS16-151 Windows kernel-mode driver vulnerability
More exactly, this vulnerability could allow elevation of privilege, meaning that attackers could then easily take control of the affected system.
- MS16-149 Microsoft Windows vulnerability
Just like the second vulnerability on the list, this OS weakness could allow elevation of privilege.
- MS16-147 Microsoft Uniscribe vulnerability
This flaw could allow remote code execution.
- MS16-146 Microsoft graphics component vulnerabilities
Again, most severe of these flaws could allow remote code execution.
- MS16-144 Internet Explorer vulnerabilities
To benefit from the latest Windows 7 security patches, you can either install only the security update KB3205394, or the Windows 7 Monthly Rollup KB3207752. The only difference is that the Monthly Rollup also includes improvements and fixes from previous monthly rollups.
How to install KB3205394
For more information about the latest Windows 7 security update, you can check out Microsoft’s support page.
RELATED STORIES YOU NEED TO CHECK OUT:
- Microsoft rolls out Windows 7 KB3197867 and Monthly Rollup KB3197868
- Windows 7 and 8 individual patches removed as cumulative update model is coming
- Common Windows 7 update error codes and how to fix them
- Windows 7 users rally against the Monthly Update Rollup system