No More XP after Patch Tuesday

Thursday, April 10, 2014 @ 06:04 PM gHale

Patch Tuesday, while small this month, was huge in that the industry will no longer see Windows XP as a part of the Microsoft environment.

Four patches, two rated as critical and another two rated as important by Microsoft, did end up releasing.

The first update (MS14-017), rated critical, relates to one private and two publicly disclosed Remote Code Execution vulnerabilities in Microsoft's Office productivity suite. The attack requires the user to click on a specially crafted file, which gives a successful attacker the same rights as the affected user. This vulnerability affects the entire spectrum of Office document handling products, including all versions of Microsoft Word (2003, 2007, 2010, 2013, RT) and the Office Word document handling Web services such as SharePoint and Microsoft Web Apps. This issue also affects the Microsoft Word Viewer and the Microsoft Compatibility Pack.

This is the second attempt by Microsoft to resolve this issue, as this update is a direct replacement for a security update released earlier this year.

The second update (MS14-018) relates to six privately reported memory corruption vulnerabilities that affect almost all versions of Internet Explorer from version 6 to version 11 on 32-bit and 64-bit platforms and on the Windows RT platform, but not Internet Explorer 10, due to its recent Out of Band Update from Microsoft.

This vulnerability is exposed when a user accesses a specially crafted web page, which could give an attacker the same privileges as the logged-in user.

The third update (MS14-019), rated important, deals with a single privately reported vulnerability in the file handling functionality in all Windows platforms (32-bit and 64-bit). Using specially crafted batch or command files (.bat or .cmd), an attacker could gain the same access as a user through a Remote Code Execution vulnerability. Microsoft has resolved this security issue with an update to how these files (.bat and .cmd) are run from remote or network-based locations.

And the last update (MS14-020) relates to Microsoft Publisher and deals with a Remote Code Execution security vulnerability that arises if a user opens a specially crafted file in Microsoft Publisher.
