Microsoft Patches IE In Latest Security Updates
Microsoft has just released another round of fixes for the company's Internet Explorer (IE) Web browser, as well as a set of updates for the Windows operating system. The company has issued six bulletins in July's "Patch Tuesday" collection of software fixes.
Two of the patches are marked as critical. One of the critical bulletins is for IE, and the other one is for Windows.
Three of the remaining bulletins are denoted as "important" by Microsoft and one as "moderate." These bulletins cover Windows and the messaging component of Windows Server.
Among the patches, IE update MS-14-037 addresses one publicly disclosed vulnerability and 23 privately reported vulnerabilities. The patches in this set all address vulnerabilities that could lead to remote code execution.
The critical Windows update MS14-038 covers a remote execution vulnerability that originates in a faulty way for how Windows opens files in the Windows Journal file format.
Microsoft has also announced that several of its products, including Windows 7 and Windows Server 2008, will be reaching the end of mainstream support in six months time.
Microsoft usually provides mainstream support for its products for a five-year period, where the company provides free updated features or performance enhancements. After this period Microsoft starts providing extended support for the product, where users receive free security fixes but pay for other types of updates, typically for five years also.
Free mainstream support for all versions of Windows 7 will end on 13 Jan 2015, but the company has promised to provide security patches through to 2020.
The end of mainstream support date for Windows 8.X is 9 Jan 2018.
Other products reaching the end of mainstream support in January 2015 include Windows Server 2008 and 2008 R2, Exchange Server 2010, Windows Storage Server 2008, Dynamics C5 2010, NAV 2009 and NAV 2009 R2. Windows Phone 7.8 mainstream support ends 9th September this year.