All updates released in January affect all major versions of Windows, including Windows 8.x, Windows RT 8.x, Windows 7 and Windows Server. Five of the updates resolve elevation of privilege that could allow exploiting the vulnerability to affect the operating system. Two of the security updates address vulnerability that could allow security feature bypass. The last update deals with vulnerability in network policy server RADIUS implementation that could cause denial of service. This Patch Tuesday also addresses the issue, Microsoft criticized Google for publishing information two days before of its release. The update is defined as KB3023266: “The vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could bypass existing permission checks that are performed during cache modification in the Microsoft Windows Application Compatibility component and execute arbitrary code with elevated privileges.” Microsoft is also making available the last update for Windows 19 build 9879, which is a security update for Flash in Internet Explorer.
— Gabriel Aul (@GabeAul) January 13, 2015 This far it appears that Microsoft won’t be releasing a new firmware update for Surface tablets, not even for Surface Pro 3. Like always if you have enabled automatic update, these updates will install automatically. However, you can always go to Windows Update from the Control Panel and install all the January updates manually. Update: Microsoft releases firmware update for all three versions of Surface Pro. Source Microsoft All content on this site is provided with no warranties, express or implied. Use any information at your own risk. Always backup of your device and files before making any changes. Privacy policy info.