Today, January 13, Microsoft is pushing out its first Patch Tuesday of 2015. January Patch Tuesday, brings eight security updates: one of the rated as Critical and the remaining seven updates are rated as Important to address eight vulnerabilities in Microsoft Windows.
All updates released in January affect all major versions of Windows, including Windows 8.x, Windows RT 8.x, Windows 7 and Windows Server. Five of the updates resolve elevation of privilege that could allow exploiting the vulnerability to affect the operating system. Two of the security updates address vulnerability that could allow security feature bypass. The last update deals with vulnerability in network policy server RADIUS implementation that could cause denial of service.
This Patch Tuesday also addresses the issue, Microsoft criticized Google for publishing information two days before of its release. The update is defined as KB3023266: “The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could bypass existing permission checks that are performed during cache modification in the Microsoft Windows Application Compatibility component and execute arbitrary code with elevated privileges.”
Microsoft is also making available the last update for Windows 19 build 9879, which is a security update for Flash in Internet Explorer.
— Gabriel Aul (@GabeAul) January 13, 2015
This far it appears that Microsoft won’t be releasing a new firmware update for Surface tablets, not even for Surface Pro 3.
Like always if you have enabled automatic update, these updates will install automatically. However, you can always go to Windows Update from the Control Panel and install all the January updates manually.
Update: Microsoft releases firmware update for all three versions of Surface Pro.