January certainly is the month where people take things slow, and Microsoft certainly seems to agree. The company has released only four security patches this first Patch Tuesday cycle for 2017.
As expected, some would say.
The software titan pushed out significant updates to its operating system yesterday, and has now detailed some of the security fixes that came with these refreshes. None, however, seems to address any particularly crucial issue.
We have MS17-001 which is a security update for Microsoft Edge, listed as Important. This patch takes care of an exploit that potentially allowed attackers to elevate their privileges on targeted machines, though there are no sign that this particular exploit was being used in the wild.
Next up is, MS17-002, an update that addresses issues certain versions of Microsoft Office and Microsoft Office Services and Web Apps. Again, remote code execution is the issues here that is fixed.
Which brings us to MS17-003 that is the only security patch for this month that comes with the Critical rating on the severity scale. This update come note from Microsoft, though, but from Adobe. It is, of course, the monthly batch of Flash patches that addresses security issues on all versions of Windows.
And finally, MS17-004 changes the way the Local Security Authority Subsystem Service (LSASS) in Windows handles specially crafted authentication requests. Listed as Important, this patch protects the system from potential denial of service attacks that could trigger system reboots.
So, there you have it.
Four patches from Microsoft, three if you discount the Adobe Flash one, for what is the first Patch Tuesday of the year. The company recommends users to deploy these as soon as possible to keep their machine secure.
Reboots may be necessary to complete the installation, so prepare accordingly.