The Broadband Guide
search advanced
 forgot password?

Microsoft issues critical security fixes

2014-11-12 09:55 by


Microsoft has released November patches for its Windows operating system, Office and Internet Explorer software. Of total 14 vulnerabilities patched, four were rated critical - the highest severity rating.

Most notably, one of the bug fixes addresses a vulnerability that has existed for 19 years in all Windows versions from Windows 95 onward. It allows remote attacker to take over and control a target computer.

One of the fixed vulnerabilities (CVE-2014-6352) affects Windows Object Linking and Embedding and could allow remote code execution if the user visits a website infected with malicious code. If the user uses an administrator account, the attacker could gain access to the computer and install programs, change or delete data. At first, this flaw was patched in October but it didin't completely fix the vulnerability. Now Microsoft expects that attackers won't be able to exploit this bug in the future.

Another patched flaw affects the TCP/IP stack in Windows Server and could allow an attacker to execute code in the context of another running process which may have more system privileges.

Microsoft also patched the CVE-2014-6321, a remote code execution vulnerability in the Microsoft Secure Channel (Schannel) - Microsoft's software for implementing secure transfer of data. All versions of Windows were affected.

Read more -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About