Yes, you heard it right. There are only 2 patches for this month’s patch Tuesday and none of them are Windows system related. Both patches are rated Important and none of them is known to be under active exploit in the wild.
MS12-061 – Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privilege (2719584) – effecting on Microsoft Developer Tools.
MS12-062 – Vulnerability in System Center Configuration Manager Could Allow Elevation of Privilege (2741528) – effecting Microsoft Server software.
Both patches are elevation of privilege vulnerabilities, which means that the hacker would need to have already gained access to the system to be able to exploit to take advantage of these holes. Because they are not addressing any issues in Windows system, don’t be surprised if you the Windows update balloon doesn’t pop up.
As a side but related note, Adobe also released a number of fixes for Flash, Photoshop CS6, and ColdFusion. The most important one is APSB12-19 which fixes seven vulnerabilities in Flash Player. One of them is addressing the crash issue in Firefox. So if the Adobe update pops up from the system tray, you better go ahead to get them installed and patched.
Latest posts by Kent Chen (see all)
- Free eBook – Crypto 101 to Start Learning How Encryption Works - December 9, 2016
- Microsoft Pauses New Insider Preview Builds for the New Unified Update Platform - December 7, 2016
- How To Disable Removable USB Storage Read, Write and Execute Access on Windows 10 - December 1, 2016
Last updated: 10/28/2014