A very special Patch Tuesday update is now out. Microsoft has just launched the first updates for the year that take care of six different vulnerabilities in various software.
While Windows, Office and Dynamic AX all get a round of improvements and security fixes, this is the first time in recent memory that a patch for Internet Explorer is not included in the mix.
Sign that Microsoft’s browser is ever more secure and stable?
Redmond explained the nuts and bolts of the January 2014 Patch Tuesday updates, and the star of the moment is bulletin MS14-002 that fixes a vulnerability in the Windows kernel that could allow elevation of privilege. Yes, Windows XP malicious PDF document flaw is now history.
Microsoft talks about this, saying that they are aware of attacks that try to exploit this flaw, meaning it is essential for Windows XP users to deploy these update as soon as possible:
“We are aware of targeted attacks using this vulnerability, where attackers attempts to lure someone into opening a specially crafted PDF to access the system. Even when we first saw this, the PDF portion of the attack did not affect those with a fully updated system.”
All these updates are being delivered via the integrated Windows Update option, so if you have automatic updates turned on they will be installed without any user interaction necessary.
At the same time, Microsoft has also rolled out new firmware updates for the Surface Pro. Contrary to expectations, this new firmware does not actually fix the issues reported by users this past December, but only improves the experience with the Type and Touch Cover 2.
Surface Pro 2, however is missing in action altogether.