Skip to main content
Tag

IT Systems Management

||||

Prepare for Patch Tuesday!

By News, Patch Management, Patch TuesdayNo Comments

Do you have a patching strategy? It should include turning off Automatic Windows update.

Patch Tuesday is here. To avoid the usual splitting headache, we recommend disabling automatic updates for Windows and implementing a reliable patch strategy.

Windows 10 updates whether you want it to or not…unless you know the trick. While we recommend that you always keep your systems patched, sometimes the updates are worse than the vulnerability, like the July Patch Tuesday this year.

Win10

If you have a Professional, Enterprise, or Education edition of Windows 10, you can turn off automatic updates, but the option is hidden. You need to pull yourself out of beta testing and then delay new versions by setting the “feature update” deferral to 120 days or more. Here’s what to do in version 1703, if you have a later version of Windows 10 these settings still apply, but the wording is slightly different.

  • Press Win-R, type gpedit.msc, press Enter. This brings up the Local Group Policy Editor.
  • Navigate the left pane as if it were File Explorer to
  • Computer Configuration > Administrative Templates > Windows Components > Windows Update > Defer Updates.
  • Choose Select when Feature Updates are received.
  • In the resulting dialog box, select Enabled.
  • In the Options box, type in how many days you’d like to pause updates and then in the next field type in today’s date.
  • Click Apply and then OK.

If you want to you can repeat this process for the second setting in Group Policy named Select when Quality Updates are received. Keep in mind, however, that quality updates include security updates and skipping them is not the best idea. On the upside, security updates are cumulative meaning if you do skip these updates, you can download the next one and be up to date.

Win7 and 8

  • Log in to the Windows 7 or Windows 8 guest operating system as an administrator.
  • Click Start > Control Panel > System and Security > Turn automatic updating on or off.
  • In the Important updates menu, select Never check for updates.
  • Deselect Give me recommended updates the same way I receive important updates.
  • Deselect Allow all users to install updates on this computer and click OK.

Patch Strategy

Your IT update solution should facilitate phased rollouts and have full rollback options. These are the necessary keys to avoiding data loss or device outages.

Step 1. Identify

You can’t manage your environment if you don’t know what devices are there and which need updates. An IT solution should also be able to manage roaming devices.

Plus, if data is stale, it could mean missing a device or update that was critical to secure. Detect the state of your environment with live, accurate, and actionable data.

Step 2. Test Group Deployment

Deploy the updates to a small group of devices. These devices should be of low impact to the overall productivity of your company. Once these devices have been successfully and safely updated, you can deploy needed updates without worrying about a massive disaster.

Step 3. Phased Rollout

Now updates should be distributed to any device that needs them. However, you want this task to preform around business hours. Updates are important, but so is avoiding interruptions of productivity. A maintenance window should be set up so that any update tasks happen before and after business hours.

And to facilitate a proper patching strategy, look to a comprehensive IT solution.

Syxsense

This is the solution for all of your patching needs. Syxsense can deploy updates to Windows, Mac, and Linux devices. It is a complete patching solution that can manage devices both in your network, but also roaming and out of the office.

Software Update Service

We understand that while updating software is the #1 way to protect your environment, it’s low on your priority list. As an IT department, you have other pressing tasks that you need your attention.

With our Software Update Service, you can move forward while we keep your devices up to date.

Our expert patch management team provides reliable support with detection and remediation for Windows and third-party software updates. We work closely with you to provide safe and efficient endpoint security with your own systems management tool or ours, Syxsense.

Our team will keep your IT systems reliable with endpoints updated and secure.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
December 11, 2018
Love0
|

BitPaymer Ransomware Hits NHS

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”large”]

Is BitPaymer going to be bigger than WannaCry?

On August 25th, a handful of Scottish hospitals was infected with the BitPaymer ransomware. This group of hospitals, responsible for more than 654,000 residents, was also hit during the WannaCry ransomware event three months ago.

Although the hospitals reacted quickly and avoided paying a ransom, the hack caused major disruption, leading to thousands of cancelled appointments.

While a bullet was dodged here, BitPaymer has the potential to be much larger than WannaCry. A big danger is that this hack utilizes computers with RDP. According to some estimates, there are over 4 million endpoints vulnerable like this. That is 10 times more computers than WannaCry infected.

While RDP is a useful tool for keeping people productive, it’s risks outweigh the benefits. It’s time to replace RDP with a secure, powerful solution. Syxsense offers a Remote Desktop Access feature. We prioritize security and utilize 2048-bit encryption for communication.

BitPaymer doesn’t need end user interaction to infect a device. To show you who is accessing devices and when, we provide comprehensive audit logs and reports. Replace RDP and sign up for a free trial of Syxsense today!

[vc_single_image image=”12852″ img_size=”180×180 px” alignment=”center”]

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
September 5, 2017
Love0
||||

Russian Hacking Group Targets Hotel Guests

By NewsOne Comment
[vc_single_image image=”12919″ img_size=”large”]

Hackers Use NSA Tools in Hotels Across Europe

A group of Russian hackers best known for breaking into the Democratic National Committee have been using a leaked NSA espionage tool to target hotels across Europe in an attempt to spy on guests, according to new research published by cybersecurity firm, FireEye.

The hacker group known as APT28, or Fancy Bear, has targeted victims through connections to hacked hotel Wi-Fi networks.

APT28 infiltrated hotel networks via phishing emails that contained infected attachments and malicious Microsoft Word macros. Once they were in a hotel Wi-Fi network, they would then launch NSA hacking tool EternalBlue, which was leaked in 2017. This tool allowed them to spread control throughout the network, eventually reaching servers responsible for the corporate and guest Wi-Fi networks.

“It’s definitely a new technique” for the Fancy Bear hacker group, says Ben Read, who leads FireEye’s espionage research team. “It’s a much more passive way to collect on people. You can just sit there and intercept stuff from the Wi-Fi traffic.”

Hotel Wi-Fi has become a major vehicle for advanced hackers to target people of interest who happen to be connected. In 2014, researchers at security firm Kaspersky Lab said a group it dubbed Dark Hotel had been infecting hotel networks for at least seven years.

In a separate report a year later, Kaspersky Lab researchers uncovered evidence suggesting a separate hacking group with ties to the creators of the Stuxnet worm infected hotel conference rooms in an attempt to monitor high-level diplomatic negotiations the US and five other nations held with Iran over its nuclear program.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

[vc_single_image image=”12927″ img_size=”180×180 px” alignment=”center”]

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

What can you do to protect yourself?

For remote users, it’s important to be aware of the threats like having information and credentials passively collected when connecting to public, untrusted networks. Experts advise using your own wireless hotspot and avoid connecting to hotel Wi-Fi networks when possible.

Keeping all remote devices fully patched is also critical. APT28 is using the same exploit as WannaCry and NotPetya. Microsoft patched these weaknesses in March 2017 and tools like Syxsense, Windows Update or other patching solutions should be already protected by deploying MS17-010.

However, many organizations have older non-Microsoft supported operating systems still deployed – Windows Server 2003, Windows XP, Windows XP Embedded and Windows 8. Microsoft also took the unusual of releasing a patch for these unsupported operating systems.

We strongly recommend identifying all vulnerable operating systems and deploying this patch immediately.

[spacer height=”10px”][vc_single_image image=”11213″ img_size=”medium” alignment=”center”]

Many companies struggle to keep remote users completely up-to-date since they rely on manual patching or simply do not prioritize the process. However, patching is a necessity – even more so for machines that are not always on the network.

Syxsense allows you to keep all devices, including remote users, fully patched and protected. After months of global ransomware attacks and major security threats, it has never been more important to protect your IT environment.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
August 15, 2017
Love0

March Patch Tuesday: Patching Chaos

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

The Eye of the Patch Storm

Two months have passed since the beginning of the year where we saw one of the smallest releases of patch content for the past couple of years, to then having an entire baseline cancelled at the last minute in February.

Some IT managers may have counted their lucky stars for the reduction in their workload so far this year – that is until they see this massive release.

Microsoft have released eighteen updates this month, nine are rated Critical with the remaining rated Important. Last week Microsoft also released 17 KB updates covering Office version 2013 and 2016. Full details of that release can be found here.

Last year we raised our concerns about rolling patches together, and last month only two months since Microsoft adopted this strategy were our concerns realized. Because of a single bad patch, the entire baseline was cancelled. 

Don’t get us wrong, we understand the benefit of rolling content into single cumulative updates, but we also appreciate the level of testing needed to ensure a safe combination of updates when rolling them together. That same level of care should be adopted when deploying updates in your environment to ensure bad updates do not cause business outages.

A school study at the University of Maryland was the first to quantify the near-constant rate of hacker attacks of computers with Internet access—every 39 seconds on average.

[vc_single_image image=”11077″ img_size=”medium”]

Robert Brown, Director of Services said “Perception as to the current threat to a company’s network should not be founded on the content released by vendors such as Microsoft alone. There are multiple perimeters you can secure to protect your assets, but remember to also look at the tool you are using to secure your environment. In the past few weeks, IBM have released over 20 security updates for their premise and cloud based patch management tools, meaning your toolset should have a perimeter of its own.”

According to the SANS Institute, 95 percent of all attacks on enterprise networks start with a successful spear phishing attack. Full details of this article can be found here.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Microsoft Updates

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own), anticipated business impact and most importantly, the independent CVSS score for the vulnerability. The independent CVSS scores used in the table below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are High, those in the range 4.0-6.9 as Medium, and 0-3.9 as Low.

Number

Bulletin ID

Description

Impact

Restart Requirement

Publically Disclosed

Exploited

Severity

CVSS Score

Recommended High Priority

1

MS17-006

Cumulative Security Update for Internet Explorer (4013073)

 

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Remote Code Execution

Yes

Yes

Yes

Critical

8.8

Yes

2

MS17-007

Cumulative Security Update for Microsoft Edge (4013071)

 

This security update resolves vulnerabilities in Microsoft Edge. These vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Remote Code Execution

Yes

Yes

No

Critical

8.8

Yes

3

MS17-008

Security Update for Windows Hyper-V (4013082)

 

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs a specially crafted application that causes the Hyper-V host operating system to execute arbitrary code. Customers who have not enabled the Hyper-V role are not affected.

Remote Code Execution

Yes

Yes

No

Critical

8.8

 

4

MS17-009

Security Update for Microsoft Windows PDF Library (4010319)

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document.

Remote Code Execution

Yes

No

No

Critical

8.8

 

5

MS17-010

Security Update for Microsoft Windows SMB Server (4013389)

 

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.

Remote Code Execution

Yes

No

No

Critical

9.8

Yes

6

MS17-011

Security Update for Microsoft Uniscribe (4013076)

 

This security update resolves vulnerabilities in Windows Uniscribe. The most severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Remote Code Execution

Yes

No

No

Critical

7.8

 

7

MS17-012

Security Update for Microsoft Windows (4013078)

 

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application that connects to an iSNS Server and then issues malicious requests to the server.

Remote Code Execution

Yes

Yes

No

Critical

9.8

Yes

8

MS17-013

Security Update for Microsoft Graphics Component (4013075)

 

This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Microsoft Lync, and Microsoft Silverlight. The most severe of these vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Remote Code Execution

Yes

No

Yes

Critical

8.4

Yes

9

MS17-014

Security Update for Microsoft Office (4013241)

 

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Remote Code Execution

Maybe

Yes

No

Important

7.8

 

10

MS17-015

Security Update for Microsoft Exchange Server (4013242)

 

This security update resolves a vulnerability in Microsoft Exchange Outlook Web Access (OWA). The vulnerability could allow remote code execution in Exchange Server if an attacker sends an email with a specially crafted attachment to a vulnerable Exchange server.

Remote Code Execution

Yes

No

No

Important

5.4

 

11

MS17-016

Security Update for Windows IIS (4013074)

 

This security update resolves a vulnerability in Microsoft Internet Information Services (IIS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted URL which is hosted by an affected Microsoft IIS server. An attacker who successfully exploited this vulnerability could potentially execute scripts in the user’s browser to obtain information from web sessions.

Remote Code Execution

Yes

No

No

Important

6.1

 

12

MS17-017

Security Update for Windows Kernel (4013081)

 

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application.

Elevation of Privilege

Yes

Yes

No

Important

7.8

 

13

MS17-018

Security Update for Windows Kernel-Mode Drivers (4013083)

 

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

Elevation of Privilege

Yes

No

No

Important

7.8

 

14

MS17-019

Security Update for Active Directory Federation Services (4010320)

 

This security update resolves a vulnerability in Active Directory Federation Services (ADFS). The vulnerability could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system.

Information Disclosure

Yes

No

No

Important

4.3

 

15

MS17-020

Security Update for Windows DVD Maker (3208223)

 

This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.

Information Disclosure

Yes

No

No

Important

2.8

 

16

MS17-021

Security Update for Windows DirectShow (4010318)

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow an information disclosure if Windows DirectShow opens specially crafted media content that is hosted on a malicious website. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.

Information Disclosure

Yes

No

No

Important

3.3

 

17

MS17-022

Security Update for Microsoft XML Core Services (4010321)

 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user visits a malicious website. However, in all cases an attacker would have no way to force a user to click a specially crafted link. An attacker would have to convince a user to click the link, typically by way of an enticement in an email or Instant Messenger message.

Information Disclosure

Yes

No

Yes

Important

3.5

 

18

MS17-023

Security Update for Adobe Flash Player (4014329)

 

This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016.

Remote Code Execution

Yes

NA

NA

Critical

 

Yes

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
March 15, 2017
Love0

February Patch Tuesday: No Love From Microsoft

By Patch Management, Patch TuesdayNo Comments
[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
February 15, 2017
Love0

The Best of 2016: Our Year in Review

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

Our Year In Review

2016 was a big year for Syxsense. As a company, we are constantly growing, adding new features and always focused on our customers.

IT systems management is frequently changing and it’s crucial to keep up with the latest news, strategies and updates. Every month, we share the latest Microsoft and third-party patches, explaining which to prioritize and how to implement the most effective patch strategy.

With plenty of changes on the way for 2017, be sure to stay on top of patching and IT systems management in the new year. Even when other tasks fill up your to-do-list and seem more important, prioritizing patching is the best New Year’s resolution for any IT manager. Explore the highlights and some of our favorite content from the past year.

Top Whitepapers

Top Videos

Top Posts

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START FREE TRIAL[/dt_default_button]
January 18, 2017
Love0
|

Sick of Your Systems Management Toolset?

By NewsNo Comments

IT Systems Management toolsets are becoming increasingly more complex. Whether you have tried one single solution or are using multiple products for patching, remote control, software distribution and inventory, so much work goes in to just managing and maintaining these tools. We invite you to join industry expert and Head of Desktop Management Services at Verismic Robert Brown for an informative webinar where he will share the top six issues IT professionals are sick of dealing with and best options to overcome them.

Join us: Wednesday 29 April 2015

[vc_single_image image=”2463″ img_size=”large”]

About the Presenter: Robert Brown is the head of Desktop Management Services at Verismic and is responsible for all software delivery services, which includes Security Updates and software distribution deployments. Rob Brown has 15+ years background in IT industry and within the last 10 years has focused on the systems management space.
March 31, 2015
Love0

December Patch Tuesday updates from Microsoft

By Patch Management, Patch TuesdayNo Comments

The final Patch Tuesday of 2014 is upon us so with that in mind we thought we’d take a quick look at how the year stacks up. There were a total of 85 bulletins fixing 349 separate vulnerabilities in Microsoft’s products; 29 were rated as Critical, 53 as Important, and 3 rated Moderate. Internet Explorer featured heavily this year, with over 200 separate vulnerabilities being patched – January being the only month where Internet Explorer didn’t feature in any update.

Compared to last year there were 21 fewer patch updates yet there were more individual vulnerabilities patched in 2014 compared to 2013 (349 vs. 332).

This month there are three Critical and four Important updates fixing a total of 25 vulnerabilities, including the delayed MS14-075 update from November, which we’ll cover first.

MS14-075

Rated as Important, this is the delayed update that was originally due to be released in November’s Patch Tuesday that addresses four privately reported vulnerabilities in Microsoft Exchange Server. The most severe of the four could allow elevation of privilege if a user views a specially crafted web page using…Internet Explorer unsurprisingly! Should an attacker successfully exploit the vulnerability they would be able to gain the same rights as the current user.

Critical Updates

MS14-080

The most severe of the 14 privately reported vulnerabilities in this bulletin could allow remote code execution, again, if the user visits a specially crafted web page using Internet Explorer. Successful exploitation would give the same rights to the attacker as the current user.

MS14-081

The second of three Critical updates resolves two privately reported vulnerabilities in Microsoft Word and Microsoft Office Web Apps. The vulnerabilities could allow for remote code execution if an attacker is able to convince a user to open, or even just preview, a specially crafted Microsoft Word file within an affected version of Microsoft Office software. The affected versions include: all supported editions of Microsoft Word 2007, Microsoft Office 2010, Microsoft Word 2010, Microsoft Word 2013, Microsoft Word 2013 RT, Microsoft Office for Mac 2011, Microsoft Word Viewer, Microsoft Office Compatibility Pack.

MS14-084

The final Critical update of 2014 is a security update that resolves a privately reported vulnerability in VBScript – the scripting engine in Microsoft Windows. If a user visits a specially crafted website the vulnerability could allow for remote code execution, which, if successfully exploited, will give the attacker the same rights as the current user. If the user is an administrator then the attacker could potentially take complete control of an affected system so it would be wise to prioritise this patch over the others.

Important Updates

The final three updates (unless an out-of-band patch is released) address three privately reported vulnerabilities across Microsoft Office and Microsoft Excel, as well as one publicly disclosed vulnerability in Microsoft Windows. All three of the privately reported vulnerabilities could allow for remote code execution if successfully exploited. Again, this could allow an attacker to gain the same rights as the current user.

The publicly disclosed vulnerability (MS14-085) could allow Information Disclosure should a user visit a website containing specially crafted JPEG content. Whilst this particular vulnerability doesn’t allow code execution, the information disclosed could reveal details about the system that could be used in conjunction with another vulnerability to bypass security features.

Next steps

As usual, we have included a breakdown of this month’s bulletin in the table below and have prioritised the patch updates by the independently rated CVSS score. We’d advise that you prioritise patches MS14-080, MS14-081, MS14-082, MS14-083 & MS14-084. For our customers, we will be analysing the binary code for each update and will be rolling out the patch updates using Verismic Syxsense, as per the agreed deployment process.

Update No.
CVSS Score
Microsoft Score
Affected Software
Details
MS14-080 9.3 Critical Microsoft Windows, Internet Explorer Cumulative Security Update for Internet Explorer (3008923)
MS14-081 9.3 Critical Microsoft Office Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (3017301)
MS14-084 9.3 Critical Microsoft Windows Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)
MS14-082 9.3 Important Microsoft Office Vulnerability in Microsoft Office Could Allow Remote Code Execution (3017349)
MS14-083 9.3 Important Microsoft Office Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (3017347)
MS14-075 5.0 Important Microsoft Exchange Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)
MS14-085 4.3 Important Microsoft Windows Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126)
December 11, 2014
Love0