Microsoft Patch Tuesday November 2013 What was not fixed

 

What was fixed by this Patch Tuesday:
This month, Microsoft released eight bulletins, with four Critical updates and four Important updates. One of the Critical updates fixes a serious flaw in Internet Explorer that hackers have been using to take over computers.

The other updates block similar problems in Windows and other Microsoft products. That's why you need to make sure these security updates installed properly.

If you have automatic updates turned on, your computer will install the Windows updates the next time you shut down. If the updates still need to be applied, you should see a yellow security notification on the red shut down button in your Start menu.

Click the button to turn off your computer and install the security updates. This could take a little bit of time, so make sure you don't need to use your computer in the mean time.

What was not fixed by this Patch Tuesday:
Zero Day! For this new threat, hackers have found a way to bypass Windows' security measures to take control of your computer - even if you have security software installed. The danger can come as an email attachment or from a malicious website. You need to know what to look for so you can be on your guard.

Pass this on to your friends and family so they can take steps to protect themselves.

The flaw centers around the way Windows and Office handle TIFF image files.

You might open a Word document containing a malicious TIFF image or visit a website that has a malicious TIFF image loaded. Hackers can use the image to bypass your security and take control of your computer.

Microsoft will probably release a fix in next week's Patch Tuesday, but that might not be soon enough to save your computer. Until then, here are some ways you can stay safe.

You can use Microsoft's Fix It tool to stop Windows from loading TIFF images. TIFF images aren't widely used anymore, so this shouldn't affect your life that much. Click here to visit the Fix it page. Then click the image under Enable this Fix it and follow the directions. But that isn't all.

Don't download email attachments from people you don't know, and be extra suspicious of Word files. You also don't want to click any suspicious links in email or on social media sites. Click here to learn more about avoiding phishing email and websites.

Make sure you're using a Standard Windows account instead of an Administrator account. Even if a hacker takes over your system, they won't be able to do as much with a Standard account.

Adobe:
Adobe products, PDF Reader and Flash, were not included in the Microsoft Update because they are not Microsoft. Many people have turned off Adobe updates because the impact is usually minor compared to the nuisance created by their relentless screen messages. However, this time, I recommend performing Adobe updates.

Bottom Line: Make sure you restart your Windows Computers and Servers first thing this morning.

Of course, if you are running Apple iOS or Linux, none of this is necessary.

(Credit: Most of this information came from the kim Komando website)