latest updates from easySERVICE™
Today, June 10, is Microsoft Patch Tuesday. It’s also the deadline for consumers running Windows 8.1 to install the Windows 8.1 Update if they want to continue to receive patches and fixes from Microsoft.
Microsoft originally imposed a deadline of May 13 on consumer users to move to the Windows 8.1 Update. On May 12, Microsoft announced a deadline extension to June 10.
Business users still have until August 12 to move to the Update for Windows 8.1 and Windows Server 2012 R2. Microsoft extended the deadline for those updating using Windows Server Update Services (WSUS), Windows Intune and/or System Center Configuration to update users’ machines. Microsoft execs unveiled the new deadline in mid-April after outcry from some that Microsoft wasn’t giving them enough leadtime to apply the update.
Consumers running Windows 8.1 who have Automatic Updates turned on don’t need to do anything; they should have received the Update automatically via Windows Update by now.
Users who are on Windows 8, not Windows 8.1, are not subject to the requirement to move to Windows 8.1 Update by June 10. (Microsoft has set January 2016 as the end support date for Windows 8 users who haven’t moved to 8.1.) Those running Windows 8 who are interested in moving to Windows 8.1 Update do not need to move to Windows 8.1 first, as these updates are cumulative.
The Update for Windows 8.1 included a number of new features designed to make Windows 8.1 more easily navigable by those using keyboards and mice.
Here’s an early look at what’s in today’s Patch Tuesday pipeline.
The company will release seven security bulletins and updates. Two of the updates will be for at least one critical vulnerability.
Bulletin one (which will likely be released as MS14-030) is a critical remote code execution Internet Explorer bug, affecting all versions of Internet Explorer, including IE11 in Windows 8.1. Like other such vulnerabilities, all server versions of Windows are affected, but at a lesser level of severity because IE runs, by default, in Enhanced Security Configuration. Server Core versions of Windows Server do not include IE and are not affected.
Bulletin two is unusual in that it affects a broad selection of both Windows and Office products. It is a remote code execution vulnerability and rated critical on all versions of Windows, Server Core included. It is also critical on Microsoft Live Meeting 2007 Console and all versions of Microsoft Lync, but not Lync Server. It is also rated Important for Office 2007 and Office 2010. Office 2013 appears not to be affected.
All the remaining vulnerabilities have a maximum rating of Important. Bulletin three affects only Office 2007 and Microsoft Office Compatibility Pack Service Pack 3.
Bulletins four and five describe information disclosure bugs in Windows and Lync Server respectively. Bulletin six is a denial of service bug in all Windows versions since Vista, and bulletin seven is a “tampering” bug, a type not often described. Windows 7, 8.x and Server 2012 are affected.
Source: Associated Press
Error: Twitter did not respond. Please wait a few minutes and refresh this page.