Filed under: Web and Application Security
Tags: infosec, microsoft patch tuesday, security, web security, windows security
Microsoft is kicking off 2014 with a modest security bulletin, which includes several vulnerabilities for Windows XP and Windows Server 2003. Luckily, none of this week’s batch contain any critical vulnerabilities. We are graced with ‘Important’-level vulnerabilities across the board.
Nevertheless, as with any security update, we recommend downloading and applying as soon as possible.
Apply all the Patches
MS14-001: Microsoft Office, SharePoint Server, Office Web Apps
Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
Attention Microsoft Office users with admin privileges: this update is intended for you. It fixes an issue in Microsoft Office that primarily affects 2010 and 2013 versions. If a specifically-crafted malicious file is opened using a vulnerable version of Word or other Office software, remote code can be executed. Microsoft says that a successful attack could allow the hacker gain the same user rights as the current user.No Comments »