Microsoft Patch Tuesday October 2014 brings 24 vulnerability fixes to Windows, IE, Office

Microsoft Patch Tuesday for Windows

It’s that time of the month again, for October 14, 2014, Microsoft is releasing a total of eight security updates for its Patch Tuesday: three are rated Critical and the remaining five are rated Important, and they all address 24 vulnerabilities in Windows, Internet Explorer, Office, ASP.NET, and .NET Framework.

The cumulative security update for Internet Explorer described as KB2987107 addresses fourteen reported vulnerabilities found in Microsoft’s web browser. For Windows there is an update described as KB3000061 and resolves two privately reported vulnerabilities in the operating system. The most severe vulnerability could allow attacker to convince users to open special crafted document or visit an untrusted website to execute remote malicious code. 

The update KB3000869 fixes a vulnerability in Windows OLE that could allow remove code execution if the target users opens a Microsoft Office document that contains specially crafted OLE object. The KB30000434 resolves a vulnerability in Microsoft Office that could allow attacker run malicious code if the user is convinced to open an special Word document. For complete listing of vulnerability fixed in October Patch Tuesday, you can head over the Microsoft Security Billeting Summary for October 2014.

As for non-security updates Microsoft released the following patches:

List of updates originally compiled by ZDNet.

The new updates are available immediately, they will install automatically, but you can always go to Windows Update in Control Panel or PC settings to update manually.

SEE ALSO: Surface family gets firmware update on October Patch Tuesday, Surface Pro 3 doesn’t

Source Microsoft