Microsoft announced on Thursday that the company will release 14 security updates next week to patch critical vulnerabilities in Internet Explorer (IE), Windows, Office and SharePoint. Microsoft’s patches will fix a fairly significant issue found in all versions of the Internet Explorer browser (IE6 to IE10) that can result in remote code execution on victims’ machines. There is also a bug in Outlook 2007 and Outlook 2010, the email clients included with Office 2007 and Office 2010, that are fairly dangerous if left untouched.
Of the 14 updates slated to ship next Tuesday, Microsoft pegged four as critical, the company’s most severe rating. The other 10 will be labeled “important,” the next step down in Microsoft’s four-step threat system.
Microsoft has patched IE every month so far this year in an attempt to make it more secure and it appears to be working well. Rivals Google and Mozilla both update their Chrome and Firefox browsers several times monthly or once every six weeks. Microsoft has released ~80 patches this year so far, which is nearly as many that were released last year. It looks like Microsoft is doing as many updates as it can as Windows XP OS support officially ends in April 2014. That sounds far off, but there are many companies that are still running on Windows XP. If you are still running Windows XP at a small business, you might want to let your boss know that support is ending as they might not know if there is no IT department.
Happy upcoming Patch Tuesday!