Need The Best IT Services In Colorado Springs?

Call Us Today!

719.439.0599

First Patch Tuesday of the Year Brings Critical Bulletins and End of Support for Windows 7

down_img

Published On: January 19, 2015 by CCS

Patch TuesdayCritical Bulletins from Microsoft

Microsoft has issued eight security bulletins made to patch a number of security vulnerabilities with only one listed as ‘critical’, this just weeks after they implemented changes to their advanced notification service for casual customers.

The security update that Microsoft labeled as ‘critical’ is the Vulnerability in Windows Telnet Service Could Allow Remote Code Execution (or MS14-002), which affects multiple Microsoft Windows versions and allows for remote code execution on affected systems. The bulletin stated that only customers who enable the Telnet service would be vulnerable, and also reported that Telnet is not installed by default on Windows Vista or any later operating systems.

MS15-005 and MS15-006 are both rated as ‘Important’ and describe a security feature bypass which would result in a system restart. Four of the bulletins marked ‘Important’ describe an elevation of privilege.

Mainstream Support for Windows 7 Ending

The end of mainstream support for Windows 7 was also announced as part of the first Patch Tuesday of the year. This dictates that non-security updates will no longer be provided for the system, but security updates will still be sent out.

All support for Windows 7 will end in January 2020.

Users and system administrators are recommended to immediately patch these system vulnerabilities. Trend Micro Deep Security and Office Scan with the Intrusion Defense Firewall (IDF) plugin protect user systems from threats that may leverage these vulnerabilities following DPI rules:

1006439 – Microsoft Windows Telnet Service Buffer Overflow Vulnerability (CVE-2015-0014)

1006441 – Microsoft Windows Components Directory Traversal Elevation Of Privilege Vulnerability (CVE-2015-0016)

1006372 – Microsoft Network Policy Server RADIUS Implementation Denial Of Service Vulnerability (CVE-2015-0015)

For more information to help you understand what these updates could mean for your business, contact Colorado Computer Support immediately – send us an email at blake@coloradosupport.com or reach out to us directly by phone at 719.439.0599.

Business Technology Support

We invite you to contact us using the method that's most convenient for you:

4925 N Union Blvd

Colorado Springs, CO 80918

local: 719.439..0599
toll-free: 866.611..5207
fax: 719.355..3581

Contact Us Using The Form Below.