Microsoft plans five security fixes for February’s Patch Tuesday
Microsoft released their security advisory advance notification; this month we have 5 security bulletin that comes to fix security vulnerabilities in windows operating system and Microsoft Forefront Protection 2010 for Exchange Server.
Two of the five planned security patches are critical and allow remote user to run a malicious code on vulnerable system and the remaining patches are rated as important. This still to be considered as a small updates compared to previous series of security patches.
The upcoming patches also include a security update that restrict certificate with MD5 hashes. Using MD5 in certificate may allow a malicious user to spoof the network communication and conduct a man in the middle attack on victim machine.
If you are using one of the affected systems on your infrastructure make sure to read the advance notification to plan your security patches deployment. there is one patch that require system restart while remaining may require to restart your system. You can read the Microsoft 5 Bulletins on the following link: http://technet.microsoft.com/en-us/security/bulletin/ms14-feb