Microsoft Kicks Off Summer with Seven Patch Tuesday Bulletins

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next Microsoft Kicks Off Summer with Seven Patch Tuesday Bulletins-2 Next

MS14-035: Critical

Last month, IE saw a lot of activity, first with the out-of-band patch released on May 1, a point fix released as part of May’s Patch Tuesday, and a vulnerability that was publicly disclosed by the Zero-Day Initiative on May 21. This cumulative update includes a fix for the ZDI reported vulnerability and one other publicly reported vulnerability. The ZDI reported vulnerability had a limited attack surface (impacting IE 8 only) and since it was publicly reported, there are no known active attacks. In fact, none of the vulnerabilities in this month’s release are under active attack, including these two publicly reported vulnerabilities.

Of the seven bulletins released for June Patch Tuesday, two are rated critical and five are rated important. All together, they cover a total of 66 CVEs, but one, MS14-035, remediates 59 of those CVEs. Yes, it’s time for another IE cumulative update and this should (again) be first on your list of patching priorities for June from Microsoft. Russ Ernst, director, product management at Lumension, provides a rundown on the patches for this month.

June Patch Summary

MS14-035: Cumulative Security Update for Internet Explorer (2969262)
Severity: Critical
Restart: Requires restart
Affects: Microsoft Windows, Internet Explorer

MS 14-036: Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)
Severity: Critical
Restart: Requires restart
Affects: Microsoft, Microsoft Office, Microsoft Lync

MS14-034: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)
Severity: Important
Restart: May require restart
Affects: Microsoft Office

MS14-033: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)
Severity: Important
Restart: May require restart
Affects: Microsoft Windows

MS14-032: Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)
Severity: Important
Restart: May require restart
Affects: Microsoft Lync Server

MS14-031: Vulnerability in TCP Protocol Could Allow Denial of Service (2962478)
Severity: Important
Restart: Requires restart
Affects: Microsoft Windows

MS14-030: Vulnerability in Remote Desktop Could Allow Tampering (2969259)
Severity: Important
Restart: May require restart
Affects: Microsoft Windows

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.