Microsoft has announced this month’s Patch Tuesday release.  There are 4 total patches expected to be released on Tuesday, April 8th. With this Patch Tuesday we also say farewell to Windows XP and Office 2003 support.  Microsoft has reached the End of Life for these two products.  All in all a seemingly light April for Microsoft Patching, but I think the first two bulletins will be concerning enough. Likely bulletin 1 will be resolving a known vulnerability in Office that is currently being exploited in the wild (Security Advisory 2953095).  You will want to pay special attention to the 3rd Party updates that released in between March and April.  March's Pwn2Own conference was held on March 12-13th and a number of browser and high profile product exploits were displayed at the conference netting a $850k in bounties. Products such as Adobe Flash and Reader, IE, Firefox, and Safari were all successfully exploited during the event.   We may see a few more on Patch Tuesday yet as well.  Back to Patch Tuesday, here is the breakdown for this month:

Security Bulletins:

  • Two bulletins are rated as Critical.
  • Two bulletins are rated as Important.

Vulnerability Impact:

  • Four bulletins address vulnerabilities that could allow Remote Code Execution.

Affected Products:

  • All supported Windows operating systems
  • All supported Internet Explorer versions
  • All supported versions of Office

Join us as we review the Microsoft and third-party releases for April Patch Tuesday in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, April 9th at 11 a.m. CST.  We will also discuss other product and patch releases since the February Patch Tuesday.

You can register for the Patch Tuesday webinar here.