Patch Tuesday October 2014 It’s a Wicked Word Hack

Wicked Word Hack

It’s a wicked Word hack this Patch Tuesday!

Microsoft released eight patches today fixing 24 security holes. Most notable was a patch for Word (for both Windows and Mac) that prevents poisoned Word files from taking over the operating system. And a monster patch for Internet Explorer vulnerabilities. Yes, you will need to reboot after installing these patches.

Oracle released an update for Java today for both Windows and Mac. That’s the coffee cup icon you see in your Windows task tray begging to be updated. This patch fixes a vulnerability that allows an infected web page to install malware on your computer merely by browsing to it, you don’t even need to click on anything on the page.

Early reports are that the new installation does not uninstall the old version properly on Windows so this is a two step update. I recommend you uninstall Java from the Control Panel first.  Leaving old versions of Java on your computer makes it vulnerable to infected web sites. Next, go to www.java.com and download the latest version.

Do you need Java anyway? I have one client who always asks me this every time we talk. For some web sites to work properly you do need it. If you are very concerned about Java security, you can uninstall it and see what web sites do not work and then evaluate how critical those web sites are for your business.

Another month, another hot Adobe Flash update! Adobe release updates to Flash today but none for the ubiquitous Adobe Reader. Do you need Adobe Flash? A lot of web sites use Flash including Youtube.

In the WordPress world, no new version of WordPress but a lot of updates for plugins such as iThemes Security, Backup Buddy, and WordPress SEO. Be sure to check your WordPress control panel regularly for security updates.