Microsoft released 7 patches for December
Over this week Microsoft have released their monthly windows update that fix several security vulnerabilities. 7 patches that address security issues in Internet explorer, Windows operating system , Microsoft office and Microsoft exchange server. among the updates we have 3 critical and 4 important ones.
Five from the seven patches will fix remote code execution vulnerabilities, other will patch elevation of privilege vulnerability on exchange server and there is a patch for Information Disclosure vulnerability that affect a user that browses a website containing specially crafted JPEG content.
Testing patches is important especially that Microsoft sometimes fail to provide the good windows patch due to lack of testing on their environment. recent case is KB3004394 for Windows 7 SP1 and Windows Server 2008 R2 SP1 where the patch blocked Windows Defender and VirtualBox beside difficulties with installing other windows update.
Usually Microsoft will not cover testing all third party applications and drivers you use with the operating system and they are not aware if these update will affect applications so you are invited to install the updates and run your functionality/ performance / security testing to be sure that there will be no negative impact on your system. If you will detect issues you can report them to Microsoft so they create a bug fix to the problem.
You can find the Microsoft Security Bulletin Summary for December 2014 https://technet.microsoft.com/library/security/ms14-dec