January patch day: Microsoft closes zero-day vulnerability in Windows XP2014-03-21 | Comebuy News
On his January patch day, Microsoft will provide an update for the zero-day vulnerability in Windows XP and Server 2003, known since the end of November. The error allows "execute arbitrary code in kernel mode". Nevertheless, the software group classifies the outgoing of the vulnerability risk only as "high" and not as "critical".
Overall Microsoft will publish four bulletins next Tuesday, of which none has received the rating "critical". The last patch day without critical updates was in September 2011. It is that Microsoft will give out four or less updates on a patch day also the first time since September, 2012.
The other three patches close gaps in Windows 7 and Server 2008 R2, as well as Dynamics AX 4.0, 2009, 2012 and 2012 R2. In addition, Word 2003, 2007, 2010 and 2013, Word Viewer, and the Office Compatibility Pack are vulnerable.
Updated Microsoft also be "Windows-tool malicious software removal" as usual. Because the group in advance of patch day makes basically no information to the exact number of the bug, it can be that a patch resolves several vulnerabilities.
Moreover, X has announced for reader and Acrobat XI (11.0.5) for Windows and Mac OS Adobe security update. The security vulnerabilities referred to unspecified into according to company also earlier reader and Acrobat X (10.1.8 update volume). Also these patches will be available users from next Tuesday.
[with material by Larry Seltzer, ZDNet.com]
Tip: You are familiar with operating systems? Test your knowledge? with 15 questions on ITespresso.de.