Patches

Three important and two critical updates to be released this Tuesday

Microsoft is to issue two critical and three important bug fixes in next week’s Patch Tuesday, 11 February, the second release of 2014.

Both critical updates fix a remote code execution flaw, with the first being applicable to Windows 7, Windows Server 2008 R2, Widows 8, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT and Windows RT 8.1, and the second affecting Forefront Protection 2010 for Exchange Server security software.

Two of the important patches, one relating to an elevation of privilege issue and the other an information disclosure bug, affect all current versions of Windows, including Windows XP. This is likely to be one of the last security updates for the 12-year-old operating system, which Microsoft has vowed to end support for on 8 April.

The final patch relates to a denial of service vulnerability that only affects Windows 8 and Windows 8.1, Windows Server 2012 and Windows Server 2012 R2, and Windows RT and Windows RT 8.1.

As usual for Patch Tuesday, the nature of the vulnerabilities has not been revealed ahead of the updates’ release.

This update follows on from a similarly light January Patch Tuesday, which featured just four updates, none of which were critical.

Those updates addressed two elevation of privilege vulnerabilities, one relating to Adobe Reader running on XP the other to Windows 7 and Windows Server 2008 R2, a remote code execution issue in various aspects of Microsoft Office, and a denial of service vulnerability in Microsoft Dynamics.