Patch Tuesday Wednesday (Apr-2014)

patch-tuesday This month Microsoft have released four (4) security bulletins of which two (2) have a maximum rating of Critical and two (2) have a maximum rating of Important.

❝ . S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in Microsoft Windows, Internet Explorer and Microsoft Office. The update for Microsoft Word addresses the issues described in Microsoft Security Advisory 2953095. For those who prioritize, we recommend this bulletin as well as the update for Internet Explorer be on the top of your list.
We would be remiss if we did not mention another end; the end of support for Windows XP and Office 2003. The updates provided by MS14-018 and MS14-019 will be the final security updates for Windows XP; MS14-017 and MS14-020 are the final update for Office 2003. ❞ [1]

Bulletin KB number Description Impact / Severity Software
MS14-017 2949660 Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution Critical :
Remote Code Execution
Microsoft Office, Microsoft Office Services, Microsoft Office Web Apps
MS14-018 2950467 Cumulative Security Update for Internet Explorer Critical :
Remote Code Execution
Microsoft Windows, Internet Explorer
MS14-019 2922229 Vulnerability in Windows File Handling Component Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Windows
MS14-020 2950145 Vulnerability in Microsoft Publisher Could Allow Remote Code Execution Important :
Remote Code Execution
Microsoft Office

PATCH NOW:
* MS14-017 – Known exploits!

LINKS:
[1.] The April 2014 Security Updates (2014-Apr-08) [MS: MSRC]
[2.] April 2014 Microsoft Patches (2014-Apr-08) [SANS]
[3.] Microsoft Security Bulletin Summary for March 2014 (2014-Apr-08) [MS]
Advertisements
This entry was posted in microsoft, patch, Patch_Tuesday, security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s