Microsoft recently announced that 11 new security updates will be released on the 10th of December. The security updates will address vulnerabilities in Windows, Internet Explorer, Exchange, and Office, with one update to stop active attacks. With these security updates, Microsoft’s total count of updates for the year will reach 106, a 28% increase from 2012.
- Out of the 11 updates, six will be labeled as “important” and five will be labeled as “critical,” the top ranking in Microsoft’s scoring system.
- The Internet Explorer update will impact all currently supported versions of Microsoft’s browser, from IE6 to IE11. Microsoft patched IE during every month of 2013.
- Flaws found in a combination of Windows and Office editions will be patched by one of the five critical updates.
- The update will shut down ongoing attacks reported to Microsoft by McAfee researchers in November. On November 5th Microsoft delivered a security advisory describing the threat and provided a temporary fix.
- As for the last three critical updates, two will address Windows, and the third will patch Exchange.
- The remaining six updates labeled important will patch vulnerabilities found in Windows, Office 2010, Office 2013, Visual Studio Team Foundation Server 2013, and SharePoint Server.
If the updates aren’t applied, users will be at risk from malware, information theft, and threatening attacks, as cybercriminals will be able to acquire additional privileges and bypass security features. Identity theft and cybercrime are the fastest growing crimes in the United States. When identity theft occurs, victims spend months, or even years trying to undo the damage.
Our clients on the Sydney Technology Solutions managed IT services program have nothing to worry about. We will review these updates and automatically deploy them.
Microsoft will release these security updates on December 10th at 1 PM Eastern time. Keeping your system updated with the latest security patches will help to evade unauthorized access and intruders.