‘Patch Tuesday’ December 2016

Microsoft Security Patches

This months Microsoft Patch Tuesday includes 12 security updates for products including:

  • Internet Explorer
  • Microsoft Edge
  • Microsoft Windows
  • Microsoft Office
  • Adobe Flash Player

Of these 12 security updates, 6 are marked as critical.

Each of the critical updates patches vulnerabilities that can lead to remote code execution. An attacker who successfully exploits these vulnerabilities, will have access to the machine with the same rights as the user who is logged in. If the user is running as Administrator, the attacker could then install software; view, edit, or delete data; or change other setting within the machine.

Standard users will be less impacted for 4 of these updates than those running as Administrator.

All users, should run as a standard user, with the administrator account being left for administrative tasks. i.e. install software, changing settings.

Update can be install for Windows by holding the Windows Key and Pressing R. When the dialog box appears, type control update and press enter. In the windows that appears click check for updates. After some time, available updates will be shown. Click Install Updates.

Apple Security Patches

Apple have also release updates for the following products:

  • iOS
  • tvOS
  • macOS Sierra
  • Safari
  • iTunes for Windows
  • iCloud for Windows

iOS is now updated to version 10.2 and is available for iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later. iOS 10.2 is a major update including many vulnerability patches and newer features added to iOS.

tvOSĀ  is now updated to version 10.1 and is available for the Apple TV 4th Generation. It patches many security vulnerabilities that may lead to remote code execution.

macOS Sierra is now updated to version 10.12.2 and patches many many security vulnerabilities including some that may lead to remote code execution. Some of these patches are also available for OS X El Capitan. If you are running older OS X operating systems it would be wise to upgrade to macOS if your device can support it.

Safari is now updated to version 10.0.2 and patches vulnerabilities that could lead to remote code execution. It is available for Yosemite, El Capitan, and macOS Sierra.

Information on installing updates for Mac can be found here. Information on installing updates for iPhone, iPad, or iPod can be found here.

Updates for iTunes and iCloud for Windows can be installed using Apple Software Update. This can be found in the start menu, under All Apps, or All Programs.

Updates for iTunes and iCloud fix vulnerabilities that could allow remote code execution as well as fixing other bugs within the software.