While Microsoft didn’t release any updates for Windows 8.1 last month, the wait is finally over now as this month’s Patch Tuesday brings two important updates for the OS. Windows 8.1 users can now download security update KB4012213 and Monthly Rollup KB4012216 on their systems. Let us see what each update brings in terms of bug fixes and improvements.
Windows 8.1 KB4012213
Update KB4012213 brings a bevy of security patches for the Windows Media Player, Microsoft Graphics Component, Windows PDF Library, Windows kernel-mode drivers, and other tools.
- MS17-022 Microsoft XML Core Services: This vulnerability could allow information disclosure if a user visits a malicious website.
- MS17-021 DirectShow: This vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content hosted on a malicious website.
- MS17-019 information disclosure vulnerability in Active Directory Federation Services.
- MS17-018 Windows Kernel-Mode Drivers: This vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. In other words, the attacker could take control of the affected system.
- MS17-016 Internet Information Services: This vulnerability could allow elevation of privilege if users clicks a specially crafted URL hosted by an affected Microsoft IIS server. The attacker could potentially execute scripts in the user’s browser to obtain information from web sessions.
- MS17-013 Microsoft Graphics Component vulnerability affecting Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight that could allow remote code execution.
- MS17-012 Microsoft Windows remote code execution vulnerability.
- MS17-011 remote code execution vulnerability in Microsoft Uniscribe.
- MS17-010 remote code execution vulnerability in Windows SMB Server.
- MS17-009 Microsoft Windows PDF Library: This vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.
- MS17-008 Windows Hyper-V vulnerability that causes the Hyper-V host operating system to execute arbitrary code.
Windows 8.1 Monthly Rollup KB4012216
Monthly Rollup KB4012216 includes all the improvements and fixes brought by the previous KB3205401 update as well as the patches brought by KB4012213.
The Monthly Rollup also features a series of security fixes for Internet Explorer. The most severe of the vulnerabilities could allow for remote execution of malicious code if a user views a specially crafted webpage using IE. Attackers would then be able to log in with administrative user rights, take control of the affected system and install programs, view, change, or delete data, or create new accounts with full user rights.
You can download both these updates from the Microsoft Update Catalog website.
RELATED STORIES YOU NEED TO CHECK OUT: