Microsoft released eight bulletins addressing 13 vulnerabilities in Internet Explorer, Windows, and Office as part of May’s Patch Tuesday update. Three of them are already being exploited in the wild, Microsoft said. While Microsoft did not release any patches for XP users, experts believe the issues affect the old operating system as well. Microsoft ended support for Windows XP last month, which means users no longer receive security patches for the old operating system. Enterprises who shelled out for extended support contracts will still receive updates. The Internet Explorer update (MS14-029) is the highest priority patch this month. It is different from other IE patches because this is not a cumulative patch, which means users must install last month’s cumulative IE update (MS14-018) before installing this patch. This month’s bulletin includes the out-of-band fix from earlier this month which fixed a zero-day vulnerability (CVE-2014-1776). <more>

Leave a Reply

Your email address will not be published. Required fields are marked *