Microsoft's December 2014: Five Patches for Remote Code Execution
December 2014 saw Microsoft releasing seven security bulletins, adding to the year's total of 85. Adobe also issued critical advisories for Flash and Reader/Acrobat. Meanwhile, Mozilla Firefox and Google Chrome are set to drop SSL v3 in their next versions.
Microsoft's December bulletins include five addressing remote code execution vulnerabilities. These include MS14-080 and MS14-084, exploitable via a malicious webpage, and MS14-081, MS14-082, and MS14-083, triggered by opening a malicious document. Additionally, two alerts concern Microsoft Exchange's Outlook Web Access and a Windows graphics library.
The year 2014 surpassed 2013 and 2011 in the number of 0-day vulnerabilities. Internet Explorer faced significant scrutiny, leading to a high number of addressed CVEs. The POODLE vulnerability, affecting certain TLS implementations, is also a concern alongside the phase-out of SSL v3.
Microsoft's December 2014 bulletins focus on remote code execution vulnerabilities, with five patches addressing this issue. Adobe's critical advisories for Flash and Reader/Acrobat highlight the ongoing need for security updates. The upcoming versions of Firefox and Chrome will eliminate SSL v3, while the POODLE vulnerability affects certain TLS implementations.
Read also:
- InformationWarfare in the Modern Era: Enhancing an Information Strategy for today's Battlefield and Botnet Threats
- Ukraine's Drone Revolution: Rapid Evolution and Countermeasures
- EU's Energy Infrastructure Under Siege: Cyber Attacks Surge 67% in 2025
- Vito Schnabel's Art & Real Estate Fortune Tops €10.4M
