It's Microsoft Patch Tuesday: January 2014

Here's the information you need to make the right deploy decisions when applying Microsoft's January 2014 patches in your organization.

 After a busy December capping off a 2013 that saw an average of about nine security bulletins per month, Microsoft is kicking off 2014 with a lighter-than-usual Patch Tuesday. There are only four security bulletins this month, and all four are rated merely as Important.

The most notable of the bunch is MS14-002, because it addresses a zero day flaw in Windows XP that has already seen limited exploit in the wild for a few months. Don't let the lack of Critical bulletins make you apathetic, though -- you should still apply all applicable patches and updates as quickly as possible.

Security patches

 MS14-001 / KB2916605 - Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution

This security bulletins addresses a few separate vulnerabilities in Microsoft Office. An attacker could use a specially-crafted malicious file to exploit the flaw and execute remote code on the vulnerable system. The impact of these flaws is reduced by the facts that the attacker first has to dupe a user into opening the malicious file, and that a successful exploit only allows the attacker to run remote code in the same context as the currently logged in user. As long as the user does not have Administrator privileges on the system, there is minimal risk.

 MS14-002 / KB2914368 - Vulnerability in Windows Kernel Could Allow Elevation of Privilege

This is the most crucial of the four security bulletins. The vulnerability affects Windows XP and Windows Server 2003. An attacker can gain elevated privileges on the target system by exploiting this flaw. One caveat is that the attacker must have valid logon credentials and be logged in locally on the system in order to execute a successful exploit. Attackers have been actively exploiting the vulnerability in the wild, though, so it is urgent that this patch be applied to vulnerable systems as soon as possible.

 MS14-003 / KB2913602 - Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege

This security bulletin addresses a vulnerability in the Windows kernel drivers in Windows 7 and Windows Server 2008 R2. Attackers can exploit this vulnerability to execute arbitrary code in the context of the kernel. Like MS14-002, Microsoft states that the attacker must have valid logon credentials and be logged in locally on the vulnerable system in order to initiate the exploit.

 MS14-004 / KB2880826 - Vulnerability in Microsoft Dynamics AX Could Allow Denial of Service

This security bulletin only affects customers running Microsoft Dynamics AX. An attacker can submit specially crafted data to a Microsoft Dynamics AX Application Object Server (AOS) instance to exploit the vulnerability and cause the a denial-of-service condition on the affected AOS instance.