IT disaster recovery, cloud computing and information security news

End of life issues for Windows 8 and Internet Explorer 8, 9 and 10 need to be acted upon

Details
Published: Thursday, 14 January 2016 09:14

Microsoft’s first ‘Patch Tuesday’ of 2016 marks the end of support for Windows 8 and Internet Explorer 8, 9 and 10, meaning that organizations relying on these software products need to upgrade as a matter of urgency.

Russ Ernst, senior director, Product Management, HEAT Software told Continuity Central:

"Microsoft isn’t messing around with the first Patch Tuesday of 2016. The latest release of nine bulletins, six critical and three important, include the last available updates for Windows 8 – not 8.1 – and Internet Explorer versions 8, 9 and 10. The move is further evidence Microsoft is testing the waters for providing OS-as-a-service with shorter end of support cycles for anything other than the most current OS and browser versions.

"In total, January addresses 25 CVEs, two of which are critical, cumulative updates for IE in MS16-001. CVE-2016-0002 is shared with MS16-003, a scripting engine memory corruption vulnerability which could result in a remote code execution if a user visits a specially crafted webpage using IE. If you’re using IE, it’s time to either update to 11 or make the jump to Edge, which Microsoft would prefer you do. If you have custom applications in your environment that rely on older versions of IE, you can block the End of Life upgrade notification as described in KB 3123303. MS16-002 is a cumulative update for Edge that also addresses two CVEs.

"Earlier this month, Adobe released 20.0.0.267, an update for a Flash Player vulnerability when used in IE or Edge. A bug forced a re-release last week however, so if you use Flash Player you need the latest update: 20.0.0.270. Adobe also released security updates for Reader and Acrobat today. Get them here.

"MS16-004 is another critical update that impacts Office on Mac. If you’re using Mac or operating a heterogeneous environment, cross-platform vulnerabilities are out there and must be patched quickly.

"Overall, Microsoft is now focused on more rapid releases to their Windows 10 OS-as-a-service. In many ways, Windows 10 version 1511 is a lot like Windows 8.1. With the focus now on shortening the lifecycle for their platforms and applications, it will be interesting to see what Microsoft does with the RTM release of Windows 10 later this year as new updates are made to the platform."

https://heatsoftware.com



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

Cyber Response Guide
The BIA Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.